Web Security Testing

The document discusses techniques for assessing web security, including using HTTPS, brute force attacks with BurpSuite, URL manipulation, SQL injection, cross-site scripting (XSS), scanning with SUCURI and HostedScan Security. It analyzes the security of the website testphp.vulnweb.com using these techniques and finds it is not secure as it lacks HTTPS, is vulnerable to attacks like brute force and SQL injection, and scans show it is outdated and lacks monitoring/firewall protection.

Uploaded by

Hritika Rawat

Contents

Introduction to Web Security
Techniques of web security
1. Using HTTPS
2. Brute force attack through BurpSuite
3. URL Manipulation attacks (Trial and Error)
4. SQL Injection
5. Cross-Site Scripting (XSS)
6. Using SUCURI website malware and security scanner
7. Hosted Scan security
Conclusion

Introduction to Web Security
Web security testing is a kind of security testing of a web application that uncovers
vulnerabilities, threats, and risks in a software application and prevents malicious attacks
from intruders. It is performed to identify the security loopholes in the application and get
them fixed, with the intention of protecting the application's data from being compromised.

Web security testing aims to find security vulnerabilities in web applications and their
configuration. The primary target is the application layer (i.e., what is running on the HTTP
protocol). Testing the security of a web application typically involves sending different types
of input to provoke errors and make the system behave in unexpected ways. These so-called
"negative tests" examine whether the system is doing something it isn't designed to do. Here,
we will check "testphp.vulnweb.com" with different techniques and tools.

Techniques of web security


1. Using HTTPS
With HTTP, websites are not secure. HTTP, or Hypertext Transfer Protocol, is placed at the
front of website URLs in order to display a website. It is the protocol used by the World Wide
Web to fetch HTML documents, or, in short, to display web pages.

Website URLs that are preceded by HTTP are not secure. This means that your login data or,
worse yet, personal data such as credit card numbers, can be stolen, read, or changed by
attackers. HTTP also affects website rankings. On the other hand, website URLs that are
preceded by HTTPS are secure.

Hence, it is proven that a website is not secure if it does not support HTTPS. As shown in the
figure, testphp.vulnweb.com does not have a security certificate.
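The HTTPS check above can be made systematic. The following is an added example, not part of the original document, that classifies a captured response by whether it enforces HTTPS: a plaintext page with no redirect fails, a redirect to https:// passes, and an HTTPS page is further graded on its Strict-Transport-Security header. The responses at the bottom are constructed for illustration; the first models what the document reports for testphp.vulnweb.com, and the example.com entries are hypothetical.

```python
from urllib.parse import urlparse

def parse_hsts(header):
    """Parse a Strict-Transport-Security value into {directive: value-or-True}."""
    directives = {}
    for part in header.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        directives[name.strip().lower()] = value.strip() or True
    return directives

def assess_transport(url, status, headers):
    """Classify one captured response by how well it enforces HTTPS.

    url     -- the URL that was requested
    status  -- the HTTP status code returned
    headers -- response headers as a dict (looked up case-insensitively)
    Returns a list of finding strings prefixed ok:/warn:/fail:/info:.
    """
    findings = []
    scheme = urlparse(url).scheme.lower()
    h = {k.lower(): v for k, v in headers.items()}
    if scheme == "http":
        location = h.get("location", "")
        if status in (301, 302, 307, 308) and location.lower().startswith("https://"):
            findings.append("ok: plaintext request redirected to HTTPS")
        else:
            findings.append("fail: page served over plaintext HTTP; credentials and cookies travel in the clear")
    else:
        hsts = h.get("strict-transport-security")
        if hsts is None:
            findings.append("warn: HTTPS without Strict-Transport-Security; a first visit over HTTP can be downgraded")
        else:
            d = parse_hsts(hsts)
            raw = d.get("max-age")
            max_age = int(raw) if isinstance(raw, str) and raw.isdigit() else 0
            if max_age >= 31536000:
                findings.append("ok: HSTS with max-age of at least one year")
            else:
                findings.append(f"warn: HSTS max-age {max_age} is under one year")
            if "includesubdomains" not in d:
                findings.append("info: HSTS does not cover subdomains")
    return findings

# Constructed responses (not captured from a live site). The first models what
# the document reports for testphp.vulnweb.com: plain HTTP, no redirect, no
# certificate. The example.com entries are hypothetical hardened responses.
SAMPLE_RESPONSES = [
    ("http://testphp.vulnweb.com/", 200, {"Content-Type": "text/html"}),
    ("http://example.com/", 301, {"Location": "https://example.com/"}),
    ("https://example.com/", 200, {"Strict-Transport-Security": "max-age=63072000; includeSubDomains"}),
]

if __name__ == "__main__":
    for url, status, headers in SAMPLE_RESPONSES:
        for finding in assess_transport(url, status, headers):
            print(f"{url}: {finding}")
```

Against real traffic the same function is fed the URL, status and headers of each response captured in the proxy; the grading thresholds (one year for max-age) are the example's own choice.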
2. Brute force attack through BurpSuite
Burp Suite is a set of tools used for penetration testing of web applications. It is the most
popular tool among professional web app security researchers and bug bounty hunters. We
can do a login brute force using this tool. A brute force attack is one in which attackers try a
large number of possible keywords or password combinations to get unauthorized access to a
system or file. Brute force attacks are typically used to defeat a cryptographic scheme, such
as one secured by a password.

To begin brute forcing, first enter a username and password on the login page and capture
the request in Burp Proxy.

Step 1: Turn intercept on and submit the login form with a dummy username and password.
Press Forward if the proxy shows the details. Then select the POST login request from the
site map. Here you can see your dummy username and password. Now right-click the request
and choose Send to Intruder.

Step 2: Now go to Intruder -> Positions. Press Clear, select only the username and password
values, and mark them with $. Select the Sniper attack type and launch the attack.

Step 3: Go to the Payloads option and add two payloads (wordlists), one for the username and
one for the password. You can add them manually or load them from a file.
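From the defender's side, the attack just described leaves a very recognisable trace: many failed POSTs to the login page from one client in a short time, possibly followed by one success. The following is an added example, not part of the original document, that detects that pattern over constructed access-log lines. The log format, the path /login.php and the convention that a 200 after POST is a re-rendered form (failure) while a 302 is a successful login are assumptions of the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed access-log lines (not real traffic): timestamp, client IP,
# method, path, status. The login path and the failure/success status
# convention are assumptions of this example.
SAMPLE_LOG = """\
2024-03-01T10:00:00 10.0.0.5 POST /login.php 200
2024-03-01T10:00:01 10.0.0.5 POST /login.php 200
2024-03-01T10:00:02 10.0.0.5 POST /login.php 200
2024-03-01T10:00:03 10.0.0.5 POST /login.php 200
2024-03-01T10:00:04 10.0.0.5 POST /login.php 200
2024-03-01T10:00:05 10.0.0.5 POST /login.php 200
2024-03-01T10:00:06 10.0.0.5 POST /login.php 302
2024-03-01T10:00:30 192.0.2.9 POST /login.php 200
2024-03-01T10:05:00 192.0.2.9 POST /login.php 302
2024-03-01T10:05:01 192.0.2.9 GET /index.php 200
"""

LINE_RE = re.compile(r"^(\S+) (\S+) ([A-Z]+) (\S+) (\d{3})$")

def parse_line(line):
    """Split one log line into (timestamp, ip, method, path, status) or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, ip, method, path, status = m.groups()
    return datetime.fromisoformat(ts), ip, method, path, int(status)

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60),
                      login_path="/login.php", failure_status=200):
    """Return {ip: timestamp} for each source IP whose failed logins to
    `login_path` reached `threshold` inside a sliding `window`. The timestamp
    is the moment the threshold was first crossed."""
    recent_failures = defaultdict(deque)
    alerts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ts, ip, method, path, status = rec
        if method != "POST" or path != login_path or status != failure_status:
            continue
        q = recent_failures[ip]
        q.append(ts)
        while q and ts - q[0] > window:      # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = ts
    return alerts

def successes_after_alert(log_text, alerts, login_path="/login.php", success_status=302):
    """For each alerted IP, list successful logins that followed the alert:
    a brute force that ends in a success means a credential was guessed."""
    hits = {ip: [] for ip in alerts}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ts, ip, method, path, status = rec
        if (ip in alerts and ts > alerts[ip] and method == "POST"
                and path == login_path and status == success_status):
            hits[ip].append(ts)
    return hits

if __name__ == "__main__":
    found = detect_bruteforce(SAMPLE_LOG)
    for ip, when in found.items():
        print(f"brute force suspected from {ip} at {when.isoformat()}")
    for ip, times in successes_after_alert(SAMPLE_LOG, found).items():
        print(f"{ip}: {len(times)} successful login(s) after alert")
```

The same counter is what an application-side lockout or rate limiter would consult; the second function separates "noisy but failed" from "guessed a valid credential", which is the case that needs an incident response rather than just a block.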
3. URL Manipulation attacks
By manipulating certain parts of a URL, an attacker can get a web server to deliver pages
they are not supposed to have access to. The site dynamically creates the information present
in the URL. When navigating normally, a user clicks the links offered by the website. If a user
manually modifies a parameter, they can try different values, for example:

Trial and Error

An attacker may test directories and file extensions at random to find important
information. Here are some classic examples:
Search for directories that make it possible to administer the site:
http://target/admin/
http://target/admin.cgi
Search for a script that reveals information about the remote system:
http://target/phpinfo.php3
Search for backup copies. The .bak extension is commonly used and is not interpreted by
servers by default, which may cause the script to be displayed rather than executed:
http://target/.bak
Search for hidden files on the remote system. On Unix systems, when the site's root
directory corresponds to a user's home directory, files created by the system may also be
accessible via the web:
http://target/.bash_history
http://target/.htaccess
The server correctly interprets dynamic pages, including backup files (.bak); however, the
server could not protect access to directories containing data and information. The server
root is not secured either. Hence, the site is not secure.
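Each probe listed above succeeds only because the server hands out whatever file the path names. The following is an added example, not part of the original document, of a server-side request-path filter that refuses those classes of path before a file is looked up: hidden dotfiles, backup copies, extensions the site does not serve, and traversal through `..` (checked after percent-decoding). The suffix list, the servable-extension allowlist and the sample paths are assumptions chosen to mirror the probes in the text.

```python
import posixpath
from urllib.parse import unquote

# Rules are assumptions of this example, derived from the probes listed above.
BACKUP_SUFFIXES = (".bak", ".old", ".orig", ".swp", "~")
# "" stands for a directory request that the server resolves to its index page.
SERVABLE_EXTENSIONS = {"", ".php", ".html", ".css", ".js", ".png", ".jpg", ".gif"}

def normalize_path(raw_path):
    """Strip the query string, percent-decode, and collapse the path.
    Returns None when the path tries to step above the web root."""
    path = unquote(raw_path.split("?", 1)[0])
    if "\x00" in path:
        return None
    if ".." in path.split("/"):          # checked after decoding, so %2e%2e is caught too
        return None
    return posixpath.normpath("/" + path.lstrip("/"))

def is_allowed(raw_path):
    """Return (allowed, reason) for a request path.

    Access control for legitimate but sensitive areas such as /admin/ is an
    authentication concern and is deliberately not decided here."""
    norm = normalize_path(raw_path)
    if norm is None:
        return False, "path traversal"
    for segment in norm.split("/"):
        if segment.startswith("."):
            return False, "hidden file or directory"
        if segment.endswith(BACKUP_SUFFIXES):
            return False, "backup copy"
    ext = posixpath.splitext(norm)[1].lower()
    if ext not in SERVABLE_EXTENSIONS:
        return False, f"extension {ext} not servable"
    return True, "ok"

# Constructed request paths; the first six mirror the classic probes listed above.
PROBES = ["/admin/", "/admin.cgi", "/phpinfo.php3", "/.bak", "/.bash_history",
          "/.htaccess", "/index.php?id=1", "/images/%2e%2e/%2e%2e/etc/passwd",
          "/config.php.bak"]

if __name__ == "__main__":
    for p in PROBES:
        allowed, reason = is_allowed(p)
        print(f"{'ALLOW' if allowed else 'DENY '} {p:45s} {reason}")
```

The filter is a backstop, not a substitute for keeping backups and dotfiles out of the web root in the first place; its value is that a single forgotten `.bak` no longer becomes a source-code disclosure.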

4. SQL Injection
SQL injection is a code injection technique that exploits a security vulnerability in the
database layer of an application. This vulnerability is found when user input is incorrectly
filtered for string literal escape characters embedded in SQL statements.

A successful SQL injection attack can result in unauthorized access to sensitive data such as
passwords, credit card details, or personal user information. Several recent high-profile data
breaches have resulted from SQL injection attacks, leading to reputational damage and
regulatory fines.
This proves the website is vulnerable to SQL queries.

5. Cross-Site Scripting (XSS)


A tester should also check the web application for XSS (cross-site scripting). No HTML (for
example, <HTML>) or script (for example, <SCRIPT>) should be accepted by the application.
If it is, the application can be prone to a cross-site scripting attack.

The attacker can use this method to execute a malicious script or URL in the victim's
browser. Using cross-site scripting, an attacker can use scripts such as JavaScript to steal
user cookies and the information stored in them.

The attacker can easily pass malicious input or a <script> tag as the '&query' parameter,
which can expose important user/server data in the browser.
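The fix for the reflected parameter above is output encoding, and the damage limit for cookie theft is the cookie's own attributes. The following is an added example, not part of the original document, that pulls the `query` parameter out of a URL, renders it both verbatim and HTML-encoded, and builds a Set-Cookie value with HttpOnly, Secure and SameSite. The page markup, the cookie name and the sample URL (which uses the common harmless probe string) are constructed for illustration.

```python
import html
from urllib.parse import urlparse, parse_qs

def query_from_url(url):
    """Pull the 'query' parameter (the one the text mentions) out of a URL."""
    params = parse_qs(urlparse(url).query)
    return params.get("query", [""])[0]

def render_unsafe(query):
    """Reflects the parameter verbatim: any markup the user sent becomes part of the page."""
    return f"<p>Results for: {query}</p>"

def render_safe(query):
    """Encodes < > & " ' for the HTML text context, so the input can only ever be text."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"

def session_cookie_header(value):
    """Set-Cookie attributes that blunt cookie theft even if a script does run:
    HttpOnly keeps the cookie out of document.cookie, Secure keeps it off plain
    HTTP, SameSite=Lax stops most cross-site sends."""
    return f"session={value}; HttpOnly; Secure; SameSite=Lax; Path=/"

def contains_script_tag(fragment):
    """Does the rendered fragment still contain a literal <script tag?"""
    return "<script" in fragment.lower()

# Constructed request URL using the harmless probe string testers commonly use.
SAMPLE_URL = "http://testphp.vulnweb.com/?query=<script>alert(1)</script>"

if __name__ == "__main__":
    q = query_from_url(SAMPLE_URL)
    print("unsafe:", render_unsafe(q))
    print("safe:  ", render_safe(q))
    print("Set-Cookie:", session_cookie_header("opaque-session-id"))
```

Encoding has to match the context the value lands in: `html.escape` is right for element text and quoted attributes, but a value placed inside a script block or a URL needs JavaScript or URL encoding instead.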
6. Using SUCURI website malware and security scanner
SUCURI is one of the popular free website malware and security scanners. We can quickly
check for malware, blacklisting status, injected SPAM, and defacements with
https://sitecheck.sucuri.net/.

This shows that the testphp.vulnweb.com site is not secure. The site is outdated, and there is
no website monitoring and no firewall.
7. Hosted Scan security
HostedScan Security is a web service that automates vulnerability scanning for any business.
It provides a comprehensive suite of scanners to scan networks, servers, and websites for
security risks. It manages your risks via dashboards, reporting, and alerts.

Conclusion
Therefore, testphp.vulnweb.com is not secure, as it does not support HTTPS. Attackers can
easily compromise it through brute force attacks, URL manipulation attacks, and so forth.
Unauthorized users can access it and execute malicious scripts through XSS. Moreover, it is
vulnerable to SQL queries. The site is reported as unsafe when checked with the SUCURI
website malware and security scanner, HostedScan Security, and similar services.
