A Samurai-WTF intro to the Zed Attack Proxy

Similar documents
Injectable Exploits. New Tools for Pwning Web Apps and Browsers

Web Application Penetration Testing

Certified Secure Web Application Engineer

ZAP Innovations. OWASP Zed Attack Proxy. Simon Bennetts. OWASP AppSec EU Hamburg The OWASP Foundation

Testing from the Cloud: Is the sky falling?

Testing from the Cloud: Is the sky falling?

CSWAE Certified Secure Web Application Engineer

CIS 700/002 : Special Topics : OWASP ZED (ZAP)

دوره تست نفوذ. Ver.1.2 شما میتوانید آنلاین در این دوره ثبت نام بلافاصله از آن استفاده کنید. Information Gathering. Bash scripting

CNIT 129S: Securing Web Applications. Ch 4: Mapping the Application

Getting Ready. I have copies on flash drives Uncompress the VM. Mandiant Corporation. All rights reserved.

OWASP live CD -- The most simple topics

Hacking Our Way to Better Security: Lessons from a Web Application Penetration Test. Tyler Rasmussen Mercer Engineer Research Center

Andrew Muller, Canberra Managing Director, Ionize, Canberra The challenges of Security Testing. Security Testing. Taming the Wild West

Application Security through a Hacker s Eyes James Walden Northern Kentucky University

Lab 5: Web Attacks using Burp Suite

Penetration Testing. James Walden Northern Kentucky University

A D V I S O R Y S E R V I C E S. Web Application Assessment

Perslink Security. Perslink Security. Eleonora Petridou Pascal Cuylaerts. System And Network Engineering University of Amsterdam.

Tenable.sc-Tenable.io Upgrade Assistant Guide, Version 2.0. Last Revised: January 16, 2019

Moving Targets: Assessing the Security of Mobile Devices. March 3 rd, 2016 Kevin Johnson, CEO Secure Ideas

Introduction to Ethical Hacking

Barracuda Web Application Firewall Foundation - WAF01. Lab Guide

CS 410/510: Web Security X1: Labs Setup WFP1, WFP2, and Kali VMs on Google Cloud

NoSQL Injection SEC642. Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques S

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

Driving OWASP ZAP with Selenium

Penetration Testing with Kali Linux

TexSaw Penetration Te st in g

Notes From The field

QuickStart Guide for Managing Computers. Version 9.73

NEST Kali Linux Tutorial: Burp Suite

QuickStart Guide for Managing Computers. Version 9.32

Being Mean To Your Code: Integrating Security Tools into Your DevOps Pipeline

OWASP Romania Chapter

Online Intensive Ethical Hacking Training

QuickStart Guide for Managing Computers. Version

Secure RESTful Web Services to Mobilize Powerful Website Penetration Testing Tools

Hacking (and Securing) Web Applications. Kevin Bluer

Tools For Vulnerability Scanning and Penetration Testing

Certified Network Security Open Source Software Developer VS-1145


How to perform the DDoS Testing of Web Applications

PracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam

WebGoat& WebScarab. What is computer security for $1000 Alex?

Sicherheit beim Build

Lecture Overview. IN5290 Ethical Hacking

Lecture 6: Web hacking 2, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Preview from Notesale.co.uk Page 3 of 36

Web Application Attacks

OWASP Broken Web Application Project. When Bad Web Apps are Good

OWASP TOP 10. By: Ilia

Web Penetration Testing

QuickStart Guide for Managing Computers. Version

CIS Controls Measures and Metrics for Version 7

How were the Credit Card Numbers Published on the Web? February 19, 2004

Introduction to Web Security Dojo Copyright Maven Security Consulting Inc (

N different strategies to automate OWASP ZAP

CIS Controls Measures and Metrics for Version 7

Web Security. Thierry Sans

IoT Vulnerabilities. By Troy Mattessich, Raymond Fradella, and Arsh Tavi. Contribution Distribution

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

EasyCrypt passes an independent security audit

Lessons Learned from a Web Application Penetration Tester. David Caissy ISSA Los Angeles July 2017

CPTE: Certified Penetration Testing Engineer

ANZTB SIGIST May 2011 Perth OWASP How minor vulnerabilities can do very bad things. OWASP Wednesday 25 th May The OWASP Foundation

(System) Integrity attacks System Abuse, Malicious File upload, SQL Injection

ECCouncil Exam v8 Certified Ethical Hacker v8 Exam Version: 7.0 [ Total Questions: 357 ]

Solutions Business Manager Web Application Security Assessment

CONFIGURING WEBAPP SECURE TO PROTECT AGAINST CREDENTIAL ATTACKS

Azure Web App for Containers Code Sample. Demo Script

Secure Web Application Development: Hands-on Teaching Modules

Curso: Ethical Hacking and Countermeasures

Remedy Application Data Security Risks & Mitigations

Authentication and Password CS166 Introduction to Computer Security 2/11/18 CS166 1

GUI based and very easy to use, no security expertise required. Reporting in both HTML and RTF formats - Click here to view the sample report.

SVN_Eclipse_at_home. 1. Download Eclipse. a. Go to: and select Eclipse IDE for Java Developers

Security Penetration Test of HIE Portal for A CUSTOMER IMPLEMENTION. Services provided to: [LOGO(s) of company providing service to]

BraindumpsIT. BraindumpsIT - IT Certification Company provides Braindumps pdf!

Habanero BMC Configuration Guide

DreamFactory Security Guide

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

java -jar Xmx2048mb /Applications/burpsuite_pro_v1.5.jar

A framework to 0wn the Web - part I -

OSSAMS -Security Testing Automation and Reporting

OE TRACKER Mobile App by ARBO

Hands-on Security Tools

LESSON 12: WI FI NETWORKS SECURITY

This Readme describes the NetIQ Access Manager 3.1 SP5 release.

RiskSense Attack Surface Validation for Web Applications

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Presentation Overview

AppSpider Enterprise. Getting Started Guide

Penetration Testing following OWASP. Boyan Yanchev Chief Technology Ofcer Peter Dimkov IS Consultant

Table of Contents. Configure and Manage Logging in to the Management Portal Verify and Trust Certificates

Exam : JN Title : Juniper Networks Certified Internet Assoc(JNCIA-SSL) Exam. Version : Demo

Automated Security Scanning in Payment Industry

Certified Vulnerability Assessor

Configuring SAP Targets and Runtime Users

Transcription:

A Samurai-WTF intro to the Zed Attack Proxy Justin Searle justin@utilisec.com - @meeas

Samurai-WTF 2 Versions: Live DVD and VMware Image Based on Ubuntu Linux Over 100 tools, extensions, and scripts, included: w3af BeEF Burp Suite Grendel-Scan DirBuster Maltego CE Nikto WebScarab Rat Proxy nmap 2

Project URLs Main project page: http://www.samurai-wtf.com Support information (and tracker) at: http://sourceforge.net/projects/samurai/support Development mailing list at: https://lists.sourceforge.net/lists/listinfo/samurai-devel SVN repository: svn co https://samurai.svn.sourceforge.net/ svnroot/samurai samurai Upcoming project domain: http://www.samurai-wtf.net Project Leads: Kevin Johnson - kjohnson@secureideas.net - @secureideas Justin Searle - justin@utilisec.com - @meeas Frank DiMaggio - fdimaggio@secureideas.net - @hanovrfst Raul Siles - raul@taddong.com - @taddong 3

Logging In Username: samurai Password: samurai http://whatisthesamuraipassword.com 4

Formal Methodology A simple methodology: Recon: Before touching the app Mapping: Learning the app from a user/developer's perspective Discovery: Learning the app from an attacker's perspective Exploitation: Need I say more?!? Every step leads to new insight into the application and target environment New insight provides additional opportunities for previous phases Exploitation Recon Discovery Mapping 5

Methodology in Real Life We still follow the overall clockwise flow, but we often move back and forth between processes Trick is to keep focused and progressing through the steps General rule for deviation from clockwise progression: 5 attempts or 5 minutes Exploitation Recon Discovery Mapping 6

Zed Attack Proxy (ZAP) Author: Psiinon & Andiparos Site: code.google.com/p/zaproxy Purpose: An interception proxy with integrated tools to find vulnerabilities. This project was forked from Paros Proxy and is actively maintained (unlike Paros). Language: Java Notable Features: Port Scanner Automated and Passive Scanner Brute Force and Spider tools Adding Notes and Alerts to request/ response pairs Great "Filters" which allow logging of unique elements and auto regex search/replace 7

ZAP Proxy Demo 1. Configure Firefox for ZAP FoxyProxy SSL/TLS Root CA Certificate 2. Manual mapping of DVWA Does the application authenticate users? How do you login and logout? How does the application track session state? How do update account settings such as passwords? How do you reset or recover an account? Where does the application accept user input? Which inputs are reflected back to the user? Which inputs might be used in queries to a database? Which pages or requests you haven t explored? Which pages return the slowest or fastest? 3. Manually adding alerts for findings 4. Automated spider of DVWA 5. Unlinked Resource Brute Force 6. Active Scanning & Manual Fuzzing 8

Contact Information Justin Searle Managing Partner UtiliSec Kevin Johnson Owner SecureIdeas justin@utilisec.com 801-784-2052 kjohnson@secureideas.net 904-639-6709 @meeas @secureideas 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback