In this chapter, we learned about the concepts and methods that are necessary to perform website penetration testing. We began by learning about what a website is, and we gave a brief overview of how backend processing takes place when we request a particular website on our devices. Then we discussed the techniques that are used to attack a website, as well as tools such as Metasploitable and DVWA.

In the next chapter, we will be focusing on information gathering and analysis, and also how to use this information to exploit the target system.