Penetration Testing of Computer Networks Using Burpsuite and Various Penetration Testing Tools

Dr. Hidaia Mahmood Alassouli

Casa editrice: Dr. Hidaia Mahmood Alassouli

Sinossi

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Burp suite is a java application that can be used to secure or crack web applications. The suite consists of different tools, like a proxy server, a web spider an intruder and a so-called repeater, with which requests can be automated. You can use Burp's automated and manual tools to obtain detailed information about your target applications.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.
Various examples are outlined in this report for different types of vulnerabilities such as: SQL injection, Cross Site Request Forgery (CSRF), Cross-site scripting, File upload, Local and Remote File Inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities. The report consists from the following parts:
1. Installing and Configuring BurpSuite
2. BurpSuite Intruder.
3. Installing XMAPP and DVWA App in Windows System.
4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.
5. Scanning Kali-Linux and Windows Using .
6. Understanding Netcat, Reverse Shells and Bind Shells.
7. Adding Burps Certificate to Browser.
8. Setting up Target Scope in BurpSuite.
9. Scanning Using BurpSuite.
10. Scan results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL injection.
11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.
12. Scan Results for Cross Side Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.
13. Exploiting File Upload Vulnerability.
14: Exploiting Cross Site Request Forgery (CSRF) Vulnerability.
15. Exploiting File Inclusion Vulnerability.
16. References.

Disponibile da: 11/03/2023.

Lunghezza di stampa: 160 pagine.

Scienze e tecnologia

Altri libri che potrebbero interessarti

Magic Plants - Being a...

M.J.H. Heucher

Brought to you by Altrusian Grace Media and narrated by Matthew Schmitz 
Privately printed at Edinburgh in 1886, this is a translation of a Latin text written by M.J.H. Heucher in the late seventeenth century. This is a short pamphlet recounting the use of numerous botanical applications with regard to ancient medicine and magic and religion. Appended to the title-work is a text entitled "Confessions of Witches under Torture".

Mostra libro

The Last Wilderness

Murray Morgan, Tim McNulty

Murray Morgan's classic history of the Olympic Peninsula, originally published in 1955, evokes a remote American wilderness "as large as the state of Massachusetts, more rugged than the Rockies, its lowlands blanketed by a cool jungle of fir and pine and cedar, its peaks bearing hundreds of miles of living ice that gave rise to swift rivers alive with giant salmon." 
 
 
 
Drawing on historical research and personal tales collected from docks, forest trails, and waterways, Morgan recounts vivid adventures of the area's settlers—loggers, hunters, prospectors, homesteaders, utopianists, murderers, profit-seekers, conservationists, Wobblies, and bureaucrats—alongside stories of coastal first peoples and striking descriptions of the peninsula's wildlife and land. 
 
 
 
Freshly redesigned and with a new introduction by poet and environmentalist Tim McNulty, this humor-filled saga and landmark love story of one of the most formidably beautiful regions of the Pacific Northwest will inform and engage a new generation of listeners.

Mostra libro

Endometriosis - Manage Pelvic...

Lilly Richardsen

Endometriosis and adenomyosis are two chronic conditions that significantly affect the lives of women around the world. Both are often misunderstood, underdiagnosed, and associated with pelvic pain, yet they are distinct in their causes and manifestations. Understanding these conditions is crucial for improving awareness, diagnosis, and treatment options.
Endometriosis is a disorder in which tissue similar to the lining of the uterus grows outside the uterus, often causing inflammation, pain, and the formation of adhesions. This misplaced tissue can attach to organs such as the ovaries, fallopian tubes, and the outer surface of the uterus. The most common symptom of endometriosis is pelvic pain, which can vary from mild to debilitating. Women with endometriosis often experience pain during menstruation, intercourse, and bowel movements, and may also suffer from infertility. The condition affects approximately 10% of women worldwide, yet many go undiagnosed for years due to the subtlety of its symptoms and the lack of awareness among both patients and healthcare providers.
Adenomyosis, on the other hand, occurs when the tissue that normally lines the uterus grows into the muscular wall of the uterus. This can cause the uterus to become enlarged and tender, often resulting in heavy menstrual bleeding, cramping, and pelvic pain. Although adenomyosis shares some symptoms with endometriosis, such as pain and menstrual irregularities, it is distinct in its pathology and the way it impacts the body. Unlike endometriosis, adenomyosis is more directly related to the uterus itself, leading to a different set of challenges in terms of diagnosis and treatment.

Mostra libro

The Master Builder - How the New...

Alfonso Martinez Arias

"An ingenious argument" (Kirkus) for a "novel thesis" (Publishers Weekly) that cells, not DNA, hold the key to understanding life's past and present 
 
 
 
What defines who we are? For decades, the answer has seemed obvious: our genes, the "blueprint of life." In The Master Builder, biologist Alfonso Martinez Arias argues we've been missing the bigger picture. It's not our genes that define who we are, but our cells. While genes are important, nothing in our DNA explains why the heart is on the left side of the body, how many fingers we have, or even how our cells manage to reproduce. Drawing on new research from his own lab and others, Martinez Arias reveals that we are composed of a thrillingly intricate, constantly moving symphony of cells. Both their long lineage—stretching back to the very first cell—and their intricate interactions within our bodies today make us who we are. 
 
 
 
Engaging and ambitious, The Master Builder will transform your understanding of our past, present, and future—as individuals and as a species.

Mostra libro

Changeable Brain - What Cases of...

Ph.D. Lorin J. Elias

Brain injuries can result in highly specific and surprising changes in behavior that have revealed to us how the mind works.The brain is the most complicated object in the known universe. After spending millennia trying to understand our ever-changing world, the brain is now turning its capacities for reasoning, remembering, and understanding inward, as it tries to understand itself.The biggest breakthroughs in neuroscience have come mostly by accident. These accidents didn't happen in research labs. They happened on railway job sites, in showers, on bicycles, in cars or were the result of infections from uncommon diseases.When an individual suffers brain damage as the result of an accident or illness, the negative effects can be profound—life altering and lifelong—yet the insights offered by the effects of these injuries have been revolutionary for neuroscientists. Through an examination of landmark cases of traumatic brain injury, Dr. Lorin J. Elias explains how each case has expanded our understanding of the mind.

Mostra libro

PHP - Advanced PHP Functions

Andy Vickler

Are you a programmer interested in getting a deeper understanding of the concepts, features, and tools in the PHP programming language? 
Would you like to develop faster and easy-to-use programs using PHP? Or are you stuck in a certain PHP area and would like a solution to your problem? 
PHP is a fantastic programming language with simple fundamentals. If you learn PHP now, you'll be able to build anything from a basic contact form to a full-fledged web application. You'll also discover how to set up a mailing list and a content management system. 
Having stated that, this audiobook will show you how to achieve it. We'll also show you how to create PHP applications that tackle real-world issues. Because PHP is a web based language, having a basic understanding of HTML and CSS will be beneficial. Still, if you're new to HTML and CSS, this is a good place to start. Don't worry; HTML and CSS are as simple as one, two, and three. 
PHP is considered among the most important languages to use in programming. 
Why? 
Because it adds a lot of functionality to websites created in HTML. 
It is a general-purpose language even if the major reason it was designed is to generate web pages.

Mostra libro