Hands-On Application Penetration Testing with Burp Suite

Hands-On Application Penetration Testing with Burp Suite

By : Carlos A. Lozano, Dhruv Shah, Riyaz Ahemed Walikar

Buy this Book

Hands-On Application Penetration Testing with Burp Suite

By: Carlos A. Lozano, Dhruv Shah, Riyaz Ahemed Walikar

Buy this Book

Overview of this book

Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks. The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application. By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.

Title Page

Contributors

About Packt

Preface

Free Chapter

Configuring Burp Suite

Getting to know Burp Suite

Setting up proxy listeners

Managing multiple proxy listeners

Working with non-proxy-aware clients

Creating target scopes in Burp Suite

Working with target exclusions

Quick settings before beginning

Summary

Configuring the Client and Setting Up Mobile Devices

Setting up Firefox to work with Burp Suite (HTTP and HTTPS)

Setting up Chrome to work with Burp Suite (HTTP and HTTPS)

Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)

Additional browser add-ons that can be used to manage proxy settings

Setting system-wide proxy for non-proxy-aware clients

Setting up Android to work with Burp Suite

Setting up iOS to work with Burp Suite

Summary

Executing an Application Penetration Test

Differences between a bug bounty and a client-initiated pentest

Initiating a penetration test

Why Burp Suite? Let's cover some groundwork!

Why Burp Suite Scanner?

Summary

Exploring the Stages of an Application Penetration Test

Stages of an application pentest

Getting to know Burp Suite better

Summary

Preparing for an Application Penetration Test

Setup of vulnerable web applications

Reconnaissance and file discovery

Testing for authentication via Burp

Summary

Identifying Vulnerabilities Using Burp Suite

Detecting SQL injection flaws

Detecting OS command injection

Detecting XSS vulnerabilities

Detecting XML-related issues, such as XXE

Detecting SSTI

Detecting SSRF

Summary

Detecting Vulnerabilities Using Burp Suite

Detecting CSRF

Detecting Insecure Direct Object References

Detecting security misconfigurations

Detecting insecure deserialization

Detecting OAuth-related issues

Detecting broken authentication

Summary

Exploiting Vulnerabilities Using Burp Suite - Part 1

Data exfiltration via a blind Boolean-based SQL injection

Executing OS commands using an SQL injection

Executing an out-of-band command injection

Stealing session credentials using XSS

Taking control of the user's browser using XSS

Extracting server files using XXE vulnerabilities

Performing out-of-data extraction using XXE and Burp Suite collaborator

Exploiting SSTI vulnerabilities to execute server commands

Summary

Exploiting Vulnerabilities Using Burp Suite - Part 2

Using SSRF/XSPA to perform internal port scans

Using SSRF/XSPA to extract data from internal machines

Extracting data using Insecure Direct Object Reference (IDOR) flaws

Exploiting security misconfigurations

Using insecure deserialization to execute OS commands

Exploiting crypto vulnerabilities

Brute forcing HTTP basic authentication

Brute forcing forms

Bypassing file upload restrictions

Summary

Writing Burp Suite Extensions

Setting up the development environment

Writing a Burp Suite extension

Executing the extension

Summary

Breaking the Authentication for a Large Online Retailer

Remembering about authentication

Large online retailers

Performing information gathering

Summary

Exploiting and Exfiltrating Data from a Large Shipping Corporation

Discovering Blind SQL injection

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Exploiting crypto vulnerabilities

More than exploiting vulnerabilities related to cryptography, Burp Suite allows users to perform analysis to detect weak algorithms.

To perform this analysis, we need to create a capture. This capture is just a navigation where we log in and log out from an application in order to create sessions, tokens, and IDs. The idea is to create the biggest capture that we can in order to have a sample.

After creating the capture, use the normal history in Burp Suite, go to the Sequencer tool, and click on Analyze now, as demonstrated in the following screenshot:

Here, you can see the final analysis, as follows:

The Final Analysis

Now, you can determine whether the algorithm used is weak or not based on the entropy, the charset, and the probability.

Hands-On Application Penetration Testing with Burp Suite

By : Carlos A. Lozano, Dhruv Shah, Riyaz Ahemed Walikar

Hands-On Application Penetration Testing with Burp Suite

By: Carlos A. Lozano, Dhruv Shah, Riyaz Ahemed Walikar

Overview of this book

Related Content you might be interested in

Current Title:

Hands-On Application Penetration Testing with Burp Suite

Bug Bounty Hunting Essentials

Burp Suite Cookbook

Burp Suite Cookbook.

Exploiting crypto vulnerabilities