Web Application Penetration Testing with bWAPP

P { margin-bottom: 0.08in; direction: ltr; color: rgb(0, 0, 0); widows: 2; orphans: 2; }A:link { color: rgb(0, 0, 255); }

http://www.ehacking.net/2014/02/web-application-penetration-testing.html
Web
application security is today’s most overlooked aspect of securing
the infrastructure. These days, hackers are concentrating their
efforts on our precious websites and web applications. Why? Websites
and web applications are an attractive target for cyber criminality
and hacktivism because they are 24/7 available via the Internet.
Mission-critical business applications, containing sensitive data,
are often published on the Internet through our web applications. In
addition, traditional firewalls and SSL provide no protection against
web attacks, and systems engineers know little about these
sophisticated application-level attacks…

It’s
definitely time to improve our web security! Defense is needed…
downloading and playing with bWAPP can be a first start… Wanted:
superbees.
bWAPP,
or a buggy web application, is a deliberately insecure web
application. It helps security enthusiasts, systems engineers,
developers and students to discover and to prevent web
vulnerabilities. bWAPP prepares to conduct successful web application
penetration testing and ethical hacking projects. It is made for
educational purposes.

P { margin-bottom: 0.08in; direction: ltr; color: rgb(0, 0, 0); widows: 2; orphans: 2; }A:link { color: rgb(0, 0, 255); }

What
makes bWAPP so unique? Well, it has over 60 web bugs! bWAPP covers
all major known web vulnerabilities, including all risks from the
OWASP Top 10 project.
[The
OWASP Top 10 provides an accurate snapshot of the current threat
landscape in application security and reflects the collaborative
efforts and insights of thousands of accomplished security engineers.
To reflect the ongoing changes in technology and common online
business practices, the list is periodically updated.]
Some
of the vulnerabilities included in bWAPP:
  • Injection
    vulnerabilities like SQL, XML/XPath, LDAP, HTML, SSI, Command and
    SMTP injection
  • Cross-Site
    Scripting (XSS), Cross-Site Tracing (XST) and Cross-Site Request
    Forgery (CSRF)
  • AJAX
    and Web Services issues (JSON/XML/SOAP)
  • Malicious,
    unrestricted file uploads and NSA backdoor files 😉
  • Authentication,
    authorization and session management issues
  • Arbitrary
    file access, directory traversals, local and remote file inclusions
    (LFI/RFI)
  • Configuration
    issues: Man-in-the-Middle, cross-domain policy file, information
    disclosures,…
  • HTTP
    parameter pollution and HTTP response splitting
  • Denial-of-Service
    (DoS) attacks, insecure WebDAV and FTP configurations
  • HTML5
    ClickJacking, cross-origin resource sharing (CORS) and web storage
    issues
  • Unvalidated
    redirects and forwards
  • Parameter
    tampering, cookie poisoning and insecure cryptographic storage
  • And
    much more…
bWAPP
is a PHP application that uses a MySQL database. It can be hosted on
Linux, Windows and Mac with Apache/IIS and MySQL. It can also be
installed with WAMP or XAMPP. Another possibility is to download the
bee-box
The
bee-box
is a custom Linux VMware virtual
machine pre-installed with bWAPP. It is compatible with VMware
Player, Workstation, Fusion, and with Oracle VirtualBox. It requires
zero installation! bee-box gives you several ways to hack and deface
the bWAPP website. Currently there are 10 website defacement
possibilities! It’s even possible to hack the bee-box to get full
root access, using a local privilege escalation exploit… With
bee-box you have the opportunity to explore, and exploit, all bWAPP
vulnerabilities! Hacking, defacing and exploiting without going
to jail… how cool is that?
You
can download bWAPP from here.
You can download bee-box from here.
Both
are part of the ‘ITSEC Games’ project. The ‘ITSEC Games’ are
a fun approach to IT security education. IT security, ethical
hacking, training and fun… all mixed together!

P { margin-bottom: 0.08in; direction: ltr; color: rgb(0, 0, 0); widows: 2; orphans: 2; }A:link { color: rgb(0, 0, 255); }

Take
a look at our ‘What is bWAPP?
introduction guide, including free training materials and exercises.
There is also a free cheat sheet available… Follow us on Twitter,
and receive this cheat sheet, updated on a regular basis, including
the latest hacks and hardening tweaks.
Have fun with
this free and open source project!
Education,
the most powerful weapon which we can use to secure the world.”
Cheers, Malik Mesellem (@MME_IT)
External
links
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Become an Expert in Ethical Hacking

This article is mainly addressing the audience who wants to pursue their career in Cybersecurity as a professional that provides ethical hacking services, whether...

5 Cybersecurity Tips to Keep in Mind When Working From Home

  Due to the ongoing global health crisis, more and more people are being forced to work from their homes. In fact, Forbes estimates that about...

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...