Summary
In this chapter, we set up the lab environment we need for running our tests. Here's a brief checklist of what we set up so far, with a recap of the tools we will be using.
Our main tool for performing tests in an ethical setup is using virtualization software, to test our attack techniques without damaging any third parties while using free tools and software.
Our main client for running web-based attacks, besides possibly our computer itself, will be a Kali Linux VM for advanced and automated attack techniques. To emulate a vulnerable target web server, we will be using the OWASP BWA VM, containing both traditional web applications vulnerable to SQL injection, and web service attack (representational state transfer (REST)) scenarios, on which other application models, such as IoT architectures, usually rely. Our mobile application scenarios will be run using Android Studio, using its built-in device emulator for the client, and a web service running on our computer...