Chapter 9 - 04 - Application Security Testing Techniques and Tools - 08_ocred_fax_ocred.pdf
Certified Cybersecurity Technician Exam 212-82 Application Security

Web Application Security Scanners

N-Stalker Web App Security Scanner (https://www.nstalker.com): N-Stalker web app security scanner checks for vulnerabilities such as SQL injection, XSS, and other known attacks.

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Web Application Security Scanners

There are various web application security assessment tools available for scanning, detecting, and assessing the vulnerabilities and security of web applications. These tools reveal the security posture of a web application; you can use them to find ways to harden security and create robust web applications. Furthermore, these tools automate the process of accurate web application security assessment.

▪ N-Stalker Web App Security Scanner

Source: https://www.nstalker.com

N-Stalker Web App Security Scanner checks for vulnerabilities such as SQL injection, XSS, and other known attacks. It is a useful security tool for developers, system/security administrators, IT auditors, and staff, as it incorporates the well-known "N-Stealth HTTP Security Scanner" and its database of 39,000 web attack signatures along with a component-oriented web application security assessment technology.

Module 09 Page 1228 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

[Screenshot: N-Stalker Web Application Security Scanner - Free Edition, scanning the target URL http://www.moviescope.com/. The Scanner Events panel lists findings such as "Application might be vulnerable to clickjacking attacks" (Severity: Medium), "Multiple cross-site request forgery vulnerability", "Web form allows password caching in the client-side", "Possible uncommon HTTP method found to be supported", and "Webserver will disclose platform details or version info".]

Figure 9.34: Screenshot of N-Stalker Web Application Security Scanner

Some additional web application security testing tools are as follows:
▪ Acunetix WVS (https://www.acunetix.com)
▪ Browser Exploitation Framework (BeEF) (http://beefproject.com)
▪ Metasploit (https://www.metasploit.com)
▪ PowerSploit (https://github.com)
▪ Watcher (https://www.casaba.com)

Proxy-based Security Testing Tools

Burp Suite: It provides various tools that work together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

OWASP Zed Attack Proxy (ZAP) (https://www.owasp.org): OWASP ZAP is an open source, easy to use, integrated penetration testing tool for finding vulnerabilities in web applications.

[Screenshots: Burp Suite Professional, and the OWASP Zed Attack Proxy (ZAP) welcome screen with an alert for "Cross-site scripting (reflected)" on a scanned site.]
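As an added example (not code from the course, N-Stalker, Burp Suite or ZAP), the following Python script performs passive checks for four of the finding classes shown in the N-Stalker screenshot above, the same kind of per-response checks a proxy-based tool runs on captured traffic. Both sample responses are constructed inline, and the header names and patterns tested are this example's own assumptions about what such scanners look for.

```python
import re

# Finding texts mirror the classes reported in the N-Stalker screenshot.
CLICKJACK = "Application might be vulnerable to clickjacking attacks"
DISCLOSE = "Webserver will disclose platform details or version info"
PWCACHE = "Web form allows password caching in the client-side"
METHODS = "Possible uncommon HTTP method found to be supported"

def parse_response(raw):
    """Split a raw HTTP/1.1 response into (lower-cased header dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers, body

def check_response(raw):
    """Return the list of finding strings for one response (assumed checks)."""
    headers, body = parse_response(raw)
    findings = []
    # Clickjacking: neither X-Frame-Options nor a CSP frame-ancestors directive.
    csp = headers.get("content-security-policy", "")
    if "x-frame-options" not in headers and "frame-ancestors" not in csp:
        findings.append(CLICKJACK)
    # Version disclosure: product/version in Server, or any X-Powered-By header.
    if re.search(r"/\d", headers.get("server", "")) or "x-powered-by" in headers:
        findings.append(DISCLOSE)
    # Password caching: a password input without autocomplete="off".
    for tag in re.findall(r"<input\b[^>]*>", body, re.I):
        if re.search(r"type=[\"']?password", tag, re.I) and \
                not re.search(r"autocomplete=[\"']?off", tag, re.I):
            findings.append(PWCACHE)
            break
    # Uncommon methods: anything advertised in Allow beyond the usual four.
    allowed = {m.strip().upper() for m in headers.get("allow", "").split(",") if m.strip()}
    extra = sorted(allowed - {"GET", "HEAD", "POST", "OPTIONS"})
    if extra:
        findings.append(METHODS + ": " + ", ".join(extra))
    return findings

# Constructed sample responses (not captured from any real site).
WEAK = ("HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\n"
        "Allow: GET, HEAD, POST, OPTIONS, TRACE\r\nContent-Type: text/html\r\n\r\n"
        "<form method='post'><input type='password' name='pwd'></form>")
HARDENED = ("HTTP/1.1 200 OK\r\nServer: webserver\r\nX-Frame-Options: DENY\r\n"
            "Allow: GET, HEAD, POST, OPTIONS\r\nContent-Type: text/html\r\n\r\n"
            "<form method='post'><input type='password' name='pwd' autocomplete='off'></form>")
```

check_response(WEAK) reports all four findings, while check_response(HARDENED) returns an empty list, which is the state a defender wants a rescan to confirm.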