Magic numbers are the first bits of a file which uniquely identify the type of file. It can be helpful to look for file format signatures and infer how the application is using them based on these signatures, as well as how these formats may be abused to provoke...
Search Results


Testing LFI to RCE using auth.log (SSH) poisoning with Mutillidae & BurpSuite
https://wiki.owasp.org/index.php/Testing_for_Local_File_Inclusion The File Inclusion vulnerability allows an attacker to include a file within the system; this happens due to bad handling of user input. Local File Inclusion (also known as LFI) is the process of...
Access control RFI & Reading file function exploitation + reverse shell with Mutillidae and BurpSuite
This time we will be exploring RFI and read file explorer. https://wiki.owasp.org/index.php/Testing_for_Remote_File_Inclusion RFI: Remote file inclusion allows an attacker to include a remote file (from the web server's point of view), possibly allowing code execution,...
Access control: Account hijacking with Mutillidae
This happens when a cyber-criminal controls somebody else’s account by using credentials (session ID, username number, etc.). In this example I will demonstrate this technique using Mutillidae; we’ll create 2 accounts and hijack it. OWASP 2017 - “A5 - Broken Access...
Session Management DVWA
Log in to DVWA (admin/password). Session IDs have 4 levels (low, medium, high, impossible). We will first inspect the low one, so set the level to low. Low: This script is very basic and insecure, because the session ID is created in plaintext and uses the most common...
Attacking & Securing Session Management
I am writing this based on OWASP and the book “The Web Application Hacker’s Handbook”. https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html Introduction The HTTP protocol is essentially stateless. It is based on a simple request-response...
Testing Web application authentication tips
This is a summary of some tips from “The Web Application Hacker’s Handbook” to test authentication mechanisms as well as recommendations for securing them. I think that book is a great resource for learning web app pentesting. Brute-Forcible Login 1. Manually submit...
Web Application Tools
List of known tools that can help with your Web Application testing. Proxy: Burp Suite - Integrated platform for performing security testing of web applications. Extensions: Freddy the Serial(isation) Killer - detecting and exploiting serialisation libraries/APIs....