To give some background, for those of you who do not already know, I work as a pentester and my specialism is web application pentesting/penetration testing (also referred to by some as appsec). I started this series to help individuals wanting to get into security and learn about the fundamentals required to break into this industry. So, continuing the theme of learning the basics, this post takes the position of web app testing: how to use some tools, some things to look for and some general tips and tricks. This post will mainly cover the general topic; however, it can be applied to both penetration testing and bug bounty hunting.
For most of the people reading this, this may well be your first time looking at web applications from a hacking perspective. To get started, it's worth explaining my opinion on what web app testing is and how it can aid application developers in making apps more secure. This post not only serves as an introduction to the basics; it also aims to give a mini overall guide on how to approach, set up and test web apps.
Originally this was going to be all in one post; however, as the topic of web app testing is so complex and has many branches, it has turned into several posts. This one will serve as an introduction and an outline of what is to come.
## What Defines a Web Application?

There are many aspects that fall into this category, so this is just a high-level description. As a basic outline, a web application is anything accessed via a web browser without needing additional interaction such as Flash, Java, Silverlight etc. This can be expanded to cover the likes of static sites, thick clients and web services.
## What is Web Application Testing?

Now we have a rough outline as to what qualifies as a web application, it's time to explain (briefly) what I mean by testing when I refer to web application (web app) testing. To put it lightly, web app testing is the art and methodology of working through an application with the intent of identifying misconfigurations, vulnerabilities and general bugs. At a high level it is essentially looking for ways to hack the application to make it do things it's not meant to!
## Why Web Apps vs Infrastructure?

Personally I don't mind either; however, I feel having the skill set to test and assess web applications will stand you in better stead to enter the industry than someone with just infrastructure experience. Of course it is important to have a backing of infrastructure skills as well, but to focus only on infrastructure limits what you can look at and learn. The main reason for this is that there are more apps today than there ever have been before, and they just keep becoming more popular. Additionally, we use the internet in an even greater capacity these days than before, and on that platform there are many web applications and sites.
## What Next?

As I have already stated above, this has now grown arms and legs; as a result it has turned into a subsection series of Learning the Ropes 101 (LtR101). Below are the other sections of this topic (work in progress). The due dates are estimates.
#### Learning The Ropes 101
- Learning The Ropes 101 - Introduction
- Basic Networking
- Operating Systems - Unix
- How important a Beautiful Report is & How to Make it!
- Important to Have some form of people skills
- Web Application Testing - Introduction
- Web Application Testing - Tooling
- Web Application Testing - Burp Suite [Due out End of November]
- Web Application Testing - Vulnerability Types [Due out End of Year]
- Web Application Testing - Further Reading [Due out End of Year]