Exploiting Web-Based Applications

In previous chapters, we reviewed the attacker's kill chain: the specific approach used to compromise networks and devices and disclose data or hinder access to network resources. In Chapter 5, Advanced Social Engineering and Physical Security, we examined the different routes of attack, starting with physical attacks and social engineering. In Chapter 6, Wireless Attacks, we saw how wireless networks could be compromised.

In this chapter, we'll focus on one of the most common attack routes, through websites and web-based applications.

With the adoption of technology, we can see multiple virtual banks in the market. These banks do not have any physical infrastructure; they are made up of nothing more than web and mobile applications. Web-based services are ubiquitous, and most organizations allow remote access to these services with almost constant availability. To penetration testers and attackers, however, these web applications expose backend services on the network, the client-side activities of users accessing the website, and the connection between users and the web application or service's data.

This chapter will focus on the attacker's perspective when looking at web applications and web services. We will review attacks against connectivity in Chapter 8, Client-Side Exploitation.

By the end of this chapter, you will have learned about the following:

  • Web application hacking methodology
  • The hacker's mind map
  • Vulnerability scanning
  • Application-specific attacks
  • Exploiting vulnerabilities in crypto and web services
  • Maintaining access to compromised systems with web backdoors
