Book Overview & Buying
Table Of Contents

Hands-On Application Penetration Testing with Burp Suite

By : Carlos A. Lozano , Dhruv Shah, Ahemed Walikar

2 (2)

Buy this Book

Hands-On Application Penetration Testing with Burp Suite

2 (2)

By: Carlos A. Lozano , Dhruv Shah, Ahemed Walikar

Buy this Book

Overview of this book

Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks. The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application. By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.

Preface

Who this book is for

What this book covers

To get the most out of this book

Get in touch

Free Chapter

Configuring Burp Suite

Getting to know Burp Suite

Setting up proxy listeners

Managing multiple proxy listeners

Working with non-proxy-aware clients

Creating target scopes in Burp Suite

Working with target exclusions

Quick settings before beginning

Summary

Configuring the Client and Setting Up Mobile Devices

Setting up Firefox to work with Burp Suite (HTTP and HTTPS)

Setting up Chrome to work with Burp Suite (HTTP and HTTPS)

Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)

Additional browser add-ons that can be used to manage proxy settings

Setting system-wide proxy for non-proxy-aware clients

Setting up Android to work with Burp Suite

Setting up iOS to work with Burp Suite

Summary

Executing an Application Penetration Test

Differences between a bug bounty and a client-initiated pentest

Initiating a penetration test

Why Burp Suite? Let's cover some groundwork!

Why Burp Suite Scanner?

Summary

Exploring the Stages of an Application Penetration Test

Stages of an application pentest

Getting to know Burp Suite better

Summary

Preparing for an Application Penetration Test

Setup of vulnerable web applications

Reconnaissance and file discovery

Testing for authentication via Burp

Summary

Identifying Vulnerabilities Using Burp Suite

Detecting SQL injection flaws

Detecting OS command injection

Detecting XSS vulnerabilities

Detecting XML-related issues, such as XXE

Detecting SSTI

Detecting SSRF

Summary

Detecting Vulnerabilities Using Burp Suite

Detecting CSRF

Detecting Insecure Direct Object References

Detecting security misconfigurations

Detecting insecure deserialization

Detecting OAuth-related issues

Detecting broken authentication

Summary

Exploiting Vulnerabilities Using Burp Suite - Part 1

Data exfiltration via a blind Boolean-based SQL injection

Executing OS commands using an SQL injection

Executing an out-of-band command injection

Stealing session credentials using XSS

Taking control of the user's browser using XSS

Extracting server files using XXE vulnerabilities

Performing out-of-data extraction using XXE and Burp Suite collaborator

Exploiting SSTI vulnerabilities to execute server commands

Summary

Exploiting Vulnerabilities Using Burp Suite - Part 2

Using SSRF/XSPA to perform internal port scans

Using SSRF/XSPA to extract data from internal machines

Extracting data using Insecure Direct Object Reference (IDOR) flaws

Exploiting security misconfigurations

Using insecure deserialization to execute OS commands

Exploiting crypto vulnerabilities

Brute forcing HTTP basic authentication

Brute forcing forms

Bypassing file upload restrictions

Summary

Writing Burp Suite Extensions

Setting up the development environment

Writing a Burp Suite extension

Executing the extension

Summary

Breaking the Authentication for a Large Online Retailer

Remembering about authentication

Large online retailers

Performing information gathering

Summary

Exploiting and Exfiltrating Data from a Large Shipping Corporation

Discovering Blind SQL injection

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Configuring the Client and Setting Up Mobile Devices

Once we have Burp Suite up and configured to act as the proxy through which all our communication will go to the target, we need to set up the clients to talk to Burp, so that the communication path is complete.

Almost all clients that can talk to HTTP/HTTPS servers have a way of setting a proxy endpoint. This tells the client that it needs to send the traffic to the proxy endpoint first, which will then forward it to the target. Different clients have different ways of setting this proxy setting. Some clients use the operating system's proxy setting to enforce the path of the traffic.

In this chapter, we shall see how we can set the proxy option for various common clients, both on mobile and traditional computing devices.

We will cover the following topics in the chapter: