Gain insights into web app vulnerabilities and attack methods, delve into penetration testing with Kali Linux, and explore tools for enhancing information security using Python, web tech, and network management.

webpen.tar.gz

shodan_api

Wireshark

chrome

Burp

frog

proxychains

encoder

setoolkitChrome

chromeShark

juiceshop

BurpChrome

This course is intended for people interested in information security—particularly in the penetration testing of various websites—to identify the security flaws present in the majority of newly developed websites and how to fix them. 

You will learn web penetration testing techniques using the Kali Linux operating system. You will be introduced to Python programming, web server technology, network management, open source intelligence, cross-site scripting, SQL injection, authentication and authorization in systems, cross-site request forgery, social engineering attacks, and concepts in information security management. 

Your knowledge of the various web application vulnerabilities and attack methods will be enhanced after taking this course. You will get hands-on experience with many tools used in online penetration testing in cyber security.

Web Application Penetration Testing

# Overview

We've already discussed how to manually find areas that are susceptible to SQL injection. We've also discussed how to further probe those areas and then actually exploit them. Sometimes though, we just don't have the time to manually go through all the possible areas on a web application and try out everything that comes to mind. This is where a pentester should adopt a systematic approach, and automated tools enter the stage. Some of the common tools are:

- sqlmap
- jSQL Injection
- DSSS
- Metasploit (ships with a number of scanners)
- Nmap (queries a list of database vulnerabilities against relevant database servers)

# The sqlmap tool

This is an open-source pentesting tool that is used in automating the process of identifying and exploiting SQL injection vulnerabilities in a web application. It has a powerful detection engine and a broad range of switches. It provides features such as database fingerprinting,  harvesting, access to the underlying filesystem of a database, and remote code execution via out-of-band connections. As such, the tool's popularity is a no-brainer.

Let's test the sqlmap below. We'll be using [Acunetix's](https://www.acunetix.com/) intentionally vulnerable web application with the URL `http://testphp.vulnweb.com/`.

To get started, we enter the command `sqlmap -u <URL>` into the terminal. Since the website is made with PHP, it makes sense that PHP forms are being used. Specific forms must be passed to the tool for it to work properly. We'll ask for all the tables to be enumerated as well with the `--tables` switch. Our final command will then be:

```
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --tables
```

We can check its output by using the terminal below. First-time use will prompt for some confirmations; please accept them.

Learn how to automate the process of discovering possible SQL injections in a web application. 

Introduction to the Course

Introduction to Linux

Introduction to Python

Web and Server Technology

Network Management and Analysis

Open-Source Intelligence

Cross-Site Scripting

SQL Injection

Authentication and Authorization

Cross-Site Request Forgery

Social Engineering Attacks

Broader Security Concepts

Wrapping Up

Automatically Finding SQL Injections

Overview