Chapter 6. Exploitation – Low Hanging Fruits

In this chapter, we will cover:

  • Abusing file inclusions and uploads
  • Exploiting OS Command Injections
  • Exploiting an XML External Entity Injection
  • Brute-forcing passwords with THC-Hydra
  • Dictionary attacks on login pages with Burp Suite
  • Obtaining session cookies through XSS
  • Step by step basic SQL Injection
  • Finding and exploiting SQL Injections with SQLMap
  • Attacking Tomcat's passwords with Metasploit
  • Using Tomcat Manager to execute code

Introduction

With this chapter, we begin our coverage of the exploitation phase of a penetration test. Exploitation is the main difference between a vulnerability assessment and a penetration test. In a vulnerability assessment, the tester identifies vulnerabilities (most of the time using an automated scanner) and issues recommendations on how to mitigate them. In a penetration test, the tester takes the role of a malicious attacker and tries to exploit the detected vulnerabilities to their ultimate consequences: full system compromise, access to the internal network, sensitive data breach, and so on, while taking care not to affect the system's availability or leave a door open to a real attacker.

In previous chapters, we have already covered how to detect some vulnerabilities in web applications; in this chapter we are going to learn how to exploit these vulnerabilities and use them to extract information and obtain access to restricted parts of the application and the system.
