In this chapter, you will learn the techniques of assessing the web servers and web applications that are a part of the vast majority of the environments we may encounter. We will discuss the following topics:
Analyzing the OWASP Top Ten attacks
Identifying web application firewalls
Penetrating web application firewalls
Tools
This chapter will provide us with information on one of the most popular attack vectors and the attack vector that is virtually accessible on any environment. Virtually all organizations will require some form of online presence. Therefore, it is a good bet we will have a web server and probably some web applications that we can use to attempt to compromise a client system and/or network.