Now that we have a clear understanding of the fuzzing concept, the terminology, and the attack types, let's start with web application-based fuzzing. As mentioned before, web application-based fuzzing is done by using URLs, forms, headers, and methods as the primary fuzz vectors. In this chapter, we will be using the following tools for fuzzing an HTTP-based web application: Wfuzz, Ffuf, and Burp Suite. Before moving forward, let's install the tools outlined in this section to hunt logical bugs.
Introduction to web app fuzzing
by Harpreet Singh,
Himanshu Sharma
Hands-On Web Penetration Testing with Metasploit
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Introduction
- Introduction to Web Application Penetration Testing
- What is a penetration test?
- Types of penetration test
- Stages of penetration testing
- Important terminologies
- Penetration testing methodologies
- Common Weakness Enumeration (CWE)
- Summary
- Questions
- Further reading
- Metasploit Essentials
- Technical requirements
- Introduction to Metasploit Framework
- Metasploit Framework terminology
- Installing and setting up Metasploit
- Getting started with Metasploit Framework
- Interacting with Metasploit Framework using msfconsole
- MSF console commands
- Customizing global settings
- Variable manipulation in MSF
- Exploring MSF modules
- Running OS commands in MSF
- Setting up a database connection in Metasploit Framework
- Loading plugins in MSF
- Using Metasploit modules
- Searching modules in MSF
- Checking for hosts and services in MSF
- Nmap scanning with MSF
- Setting up payload handling in MSF
- MSF payload generation
- Summary
- Questions
- Further reading
- The Metasploit Web Interface
- The Pentesting Life Cycle with Metasploit
- Using Metasploit for Reconnaissance
- Web Application Enumeration Using Metasploit
- Vulnerability Scanning Using WMAP
- Vulnerability Assessment Using Metasploit (Nessus)
- Pentesting Content Management Systems (CMSes)
- Pentesting CMSes - WordPress
- Technical requirements
- Introduction to WordPress
- WordPress reconnaissance and enumeration
- Vulnerability assessment for WordPress
- WordPress exploitation part 1 – WordPress Arbitrary File Deletion
- WordPress exploitation part 2 – unauthenticated SQL injection
- WordPress exploitation part 3 – WordPress 5.0.0 Remote Code Execution
- Going the extra mile – customizing the Metasploit exploit
- Summary
- Questions
- Further reading
- Pentesting CMSes - Joomla
- Technical requirements
- An introduction to Joomla
- The Joomla architecture
- Reconnaissance and enumeration
- Enumerating Joomla plugins and modules using Metasploit
- Performing vulnerability scanning with Joomla
- Joomla exploitation using Metasploit
- Joomla shell upload
- Summary 
- Questions
- Further reading
- Pentesting CMSes - Drupal
- Performing Pentesting on Technological Platforms
- Penetration Testing on Technological Platforms - JBoss
- Technical requirements
- An introduction to JBoss
- Reconnaissance and enumeration
- Performing a vulnerability assessment on JBoss AS
- JBoss exploitation
- JBoss exploitation via the administration console
- Exploitation via the JMX console (the MainDeployer method)
- Exploitation via the JMX console using Metasploit (MainDeployer)
- Exploitation via the JMX console (BSHDeployer)
- Exploitation via the JMX console using Metasploit (BSHDeployer)
- Exploitation via the web console (Java applet)
- Exploitation via the web console (the Invoker method)
- Exploitation via JMXInvokerServlet using Metasploit
- Summary
- Questions
- Further reading
- Penetration Testing on Technological Platforms - Apache Tomcat
- Penetration Testing on Technological Platforms - Jenkins
- Logical Bug Hunting
- Web Application Fuzzing - Logical Bug Hunting
- Technical requirements
- What is fuzzing?
- Fuzzing terminology
- Fuzzing attack types
- Introduction to web app fuzzing
- Identifying web application attack vectors
- HTTP request verbs
- HTTP request URIs
- Fuzzing an HTTP request URl path using Wfuzz
-  Fuzzing an HTTP request URl path using ffuf
- Fuzzing an HTTP request URl path using Burp Suite Intruder
- Fuzzing HTTP request URl filenames and file extensions using Wfuzz
- Fuzzing HTTP request URl filenames and file extensions using ffuf
- Fuzzing HTTP request URl filenames and file extensions using Burp Suite Intruder
- Fuzzing an HTTP request URl using Wfuzz (GET parameter + value)
- Fuzzing an HTTP request URl using Burp Suite Intruder (GET parameter + value)
- HTTP request headers
- Summary
- Questions
- Further reading
- Writing Penetration Testing Reports
- Assessment
- Other Books You May Enjoy
Introduction to web app fuzzing
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.