
Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools

Dr. Hedaya Alasooly

Publisher: BookRix


Summary

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Burp Suite is a Java application that can be used to secure or crack web applications. The suite consists of different tools, such as a proxy server, a web spider, an intruder and a so-called repeater, with which requests can be automated. You can use Burp's automated and manual tools to obtain detailed information about your target applications.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment.
In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.
Various examples are outlined in this report for different types of vulnerabilities such as: SQL injection, Cross Site Request Forgery (CSRF), Cross-site scripting, File upload, Local and Remote File Inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities. The report consists of the following parts:
1. Installing and Configuring BurpSuite
2. BurpSuite Intruder.
3. Installing XAMPP and DVWA App in Windows System.
4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.
5. Scanning Kali-Linux and Windows Using  .  
6. Understanding Netcat, Reverse Shells and Bind Shells.
7. Adding Burp's Certificate to Browser.
8. Setting up Target Scope in BurpSuite.
9. Scanning Using BurpSuite.
10. Scan results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL injection.
11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.
12. Scan Results for Cross-Site Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to Exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.
13. Exploiting File Upload Vulnerability.
14. Exploiting Cross Site Request Forgery (CSRF) Vulnerability.
15. Exploiting File Inclusion Vulnerability.
16. References.
Available since: 02/24/2023.
Print length: 66 pages.
