Why do we need penetration testing?

Website penetration testing describes the technical process of attempting to gain access to IT resources without knowing usernames and passwords, or other access routes. It covers testing of all these gateways to your precious data! Bear in mind that any hacker’s ultimate objective is gaining access to important data, for whatever purpose. They will generally be looking for logons, passwords, a company’s users’ details, confidential documents covering areas such as intellectual property and, in the case of state-sponsored actors, state secrets and other strategically vital information. Today, there are many tools and techniques available to those with a nefarious purpose, so be warned!

Gaining access – the difference between hackers and testers

What really separates a penetration tester from a criminal hacker is the owner’s permission to attempt to gain access in the first place! In the end, the goal of the penetration test is to improve the overall security of the IT resources that are being tested. Sometimes the penetration tester will have been provided with basic user-level access, with the goal being to then gain higher-level, administrator-level access to the network(s) etc. under test. Armed with enhanced access permissions, the tester will then look...

Kali Tools Tutorials For Web App Testing

Learn how to use the tools available on Kali Linux when performing advanced web application assessments. Official version available on Kali Linux website.

1) apache-users

Package Description

This Perl script will enumerate the usernames on any system that uses Apache with the UserDir module.

apache-users Homepage | Kali apache-users Repo

Author: Andy@Portcullis
License: GPLv2

Tools included in the apache-users package

apache-users – Enumerate usernames on systems with Apache UserDir module

apache-users Usage Example

Run against the remote host (-h 192.168.1.202), passing a dictionary of usernames (-l /usr/share/wordlists/metasploit/unix_users.txt), the port to use (-p 80), disable SSL (-s 0), specify the HTTP error code (-e 403), using 10 threads (-t 10):

root@kali:~# apache-users -h 192.168.1.202 -l /usr/share/wordlists/metasploit/unix_users.txt -p 80 -s 0 -e 403 -t 10

2) Arachni

Package Description

Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false-positives. It is versatile enough to cover a great deal of...

DROWN SSL Vulnerability Checker

Taken from DROWNattack.com:

DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the web, use email, shop online, and send instant messages without third-parties being able to read the communication. DROWN allows attackers to break the encryption and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. Our measurements indicate 33% of all HTTPS servers are vulnerable to the attack.

Any communication between users and the server. This typically includes, but is not limited to, usernames and passwords, credit card numbers, emails, instant messages, and sensitive documents. Under some common scenarios, an attacker can also impersonate a secure website and intercept or change the content the user sees.

Websites, mail servers, and other TLS-dependent services are at risk for the DROWN attack.

Modern servers and clients use the TLS encryption protocol. However, due to misconfigurations, many servers also still support SSLv2, a 1990s-era predecessor to TLS. This support did not matter in practice, since no up-to-date clients actually use SSLv2. Therefore, even though SSLv2 is known...