January 2

Web Application Penetration Testing – Part 3

This blog post series will be covering the topic of performing Web Application Penetration Tests. Web Application Penetration Testing Part 1 and Part 2 focused on gathering information about the web server, the web application and its framework. Each one of the previous posts mentioned at the beginning, a few basic theory concepts on the Web and the HTTP protocol that you should be able to understand and study further in order to excel at Web Application Penetration Testing.
In this third part we will continue using the same structure as we did in the previous blog posts. We are going to mention a few basic theory concepts regarding the WEB at the beginning of our post and then we will focus on the Dirbusting technique.

Continue reading
Category: Penetration Testing, Training | Comments Off on Web Application Penetration Testing – Part 3
December 19

Web Application Penetration Testing – Part 2

This blog post series will be covering the topic of performing Web Application Penetration Tests. In part one of this series, we focused on gathering information about the web server. In this second part we will continue covering the information gathering phase of the Web Application Penetration Testing engagement and some more basic knowledge on the Web and the HTTP protocol.

Continue reading
Category: Penetration Testing, Training | Comments Off on Web Application Penetration Testing – Part 2
December 10

Web Application Penetration Testing – Part 1

This blog post series will be covering the topic of performing Web Application Penetration Tests. An important thing that you should keep in mind during a Penetration Testing engagement is to constantly think about how someone could abuse and exploit the existing functionality of the application. In part one of this series, we will cover the initial steps of our security tests.

Continue reading
Category: Penetration Testing, Training | Comments Off on Web Application Penetration Testing – Part 1