- Identifying websites
- Busting open websites
- Enumerating a website
- Crawling or spidering a website
- Scanning at scale
- Finding vulnerabilities with Nikto, Metasploit WMAP, and sqlmap
- Exploiting Node.js
- Injecting SQL
- Using Burp Suite to gain access to accounts
- Accessing content management systems
Skill Level Advanced
- [Malcolm] Web applications and web servers now form much of the attack surface of business and government systems, and are often the only technology exposed to the internet. As such, a pen tester needs to have a good understanding of the various technologies used and how to test them. Web servers come in many forms. They may be static HTML servers serving up information that changes only when the website is updated. They may be active servers running one or more of many different active languages.
They may be content management systems providing easily-scripted web content through one of a number of CMS solutions. In addition, there are a vast number of web applications which we may come across. A web server may present just an HTTP interface, or may have a number of interfaces supporting not only the web service, but other services also. It may be one of many named web servers on a single host. As a pen tester, the more we understand of the vast landscape of web services, the better placed we are to practice our craft.
I'm Malcolm Shore, and I spent a career helping governments and businesses protect their networks and systems against cyber attacks. In this course, I'll be introducing you to a variety of web technologies. We'll start by looking at various tools to enumerate the web platform to find more than the standard access vectors. The most important tool for the web tester is Burp Suite, and we'll take a good look at how we can use that to proxy, intercept, modify, and repeat messages.
We'll be using both our LinkedIn Learning lab and some of the servers that are in the standard Hack The Box lab. The latter servers may or may not be active when you're watching the course, but the LinkedIn lab machines will always be active for you to get hands-on. We'll use these labs to do penetration testing to gain access to web applications, to access information from the server, and we'll gain command shells. We'll look at a variety of exploit techniques that we can use when web testing.
This is one of a series of advanced courses in pen testing, which together provide the learning pathway to taking your Offensive Security Certified Professional qualification. Now, let's get started with Advanced Web Testing.