Take this
course

Software Development / Web Development

Learning Python Web Penetration Testing

Make your applications attack-proof by penetration testing with Python

Description

About This Video

  • Become proficient at writing your own tools to identify security vulnerabilities in web applications
  • Take your first steps to becoming a security professional by getting an in-depth understanding of the process behind web application security testing
  • See practical examples of each phase of the web application testing process: Reconnaissance, Mapping, Vulnerability Discovery, and Vulnerability Exploitation


In Detail

With the huge growth in the number of web applications in the recent times, there has also been an upsurge in the need to make these applications secure. Web penetration testing is the use of tools and code to attack a website or web app in order to assess its vulnerabilities to external threats. While there are an increasing number of sophisticated ready-made tools to scan systems for vulnerabilities, the use of Python allows testers to write system-specific scripts, or alter and extend existing testing tools to find, exploit, and record as many security weaknesses as possible.


This course will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for every main activity in the process. It will show you how to test for security vulnerabilities in web applications just like security professionals and hackers do.


The course starts off by providing an overview of the web application penetration testing process and the tools used by professionals to perform these tests. Then we provide an introduction to HTTP and how to interact with web applications using Python and the Requests library. Then will follow the web application penetration testing methodology and cover each section with a supporting Python example. To finish off, we test these tools against a vulnerable web application created specifically for this course.


Stop just running automated tools—write your own and modify existing ones to cover your needs! This course will give you a flying start as a security professional by giving you the necessary skills to write custom tools for different scenarios and modify existing Python tools to suit your application’s needs.

Full details

Curriculum

  • Introduction
    The Course Overview
    This video provides an overview of the entire course.
    5:59
    Understanding Web Application Penetration Testing Process
    You will learn about the web app penetration-testing methodology, the toolset, and our lab environment. • Introduce web application penetration testing with the security of the application and methodology in performing such tests • Learn about the tools most commonly used by professional pentesters • Take a look at our lab environment
    7:51
    Typical Web Application Toolkit
    You will learn about the traditional tools used by security professionals to perform penetration tests. This will provide a basic understanding of the most important type of tools used, and give us ideas on what we can build with Python. • Introduce HTTP proxies, the most important tool of the set. • Learn about Web Crawlers/ Spiders, Scanners, and brute forcers. • Explore tools specifics for certain tasks or scenarios
    6:20
    Testing Environment
    We need to set up the testing environment and we would use VirtualBox, VM, text editor, and the vulnerable Web application we are going to use as target of our tests. • Install VirtualBox to run our Lab VM • Access the testing application • Finally we are going to see the text editor and an important warning
    6:16
  • Interacting with Web Applications
    HTTP Protocol Basics
    This video introduces HTTP, how it works, and the different methods available to communicate with an HTTP server. • Introduce HTTP and how it works • Cover the secure version of HTTP(S) • Cover the different methods available to communicate with a server
    7:11
    Anatomy of an HTTP Request
    You’ll understand the anatomy of an HTTP request in order to make your own tools. • Explain the different parts of a URL • Understand the headers of a request and a response • Perform our first request with Telnet
    7:57
    Interacting with Web Apps Using Requests Library
    We want to learn how to send HTTP request with Python. • Start reviewing Requests library • Create our first script using requests library • Examine some Head/headers and post requests examples
    10:25
    Analyzing the Responses
    In this video, we are going to learn about HTTP response codes. • Introduce the different classes of responses • Write scripts to see success and failure codes • Write a script to see a URL redirection in action
    7:23
  • Web Crawling with Scrapy
    Web Application Mapping
    You’ll learn about web application mapping, what it is, and how to do it. • Revisit the penetration testing process • Check out the different options of performing the mapping • Check out a mapping example from Burp suite
    3:37
    Creating a Crawler with Scrapy
    We want to create a web application crawler to help us map an application. • Define the objective • Create a Scrapy project • Run the project and verify the results
    7:57
    Recursive Crawling
    We created a basic crawler, but now, we want to make it recursive to cover all the web application content. • Create the code to extract all the links • Check whether the links are valid • Run the crawler and check the results
    3:44
    Extracting Information
    We need to extract information from the web application that will be useful for our Security testing. • Learn how to extract e-mails • Extract forms • Extract comments
    5:24
  • Resources Discovery
    What Is Resource Discovery?
    Most applications have resources that are not linked and tools such as crawlers or proxies won’t find. So, we need to discover resources with other methods. • Explain what resource discovery is and how it complements other tools • Note why it is important to use resource discovery techniques • Explore useful dictionaries that can be used to discover resources
    4:03
    Building Our First Brute Forcer
    In order to find more resources that are not linked in a web application, we need to create a brute forcer in order to discover resources using dictionary files. • Define the objective of the brute forcer • Explain the code of the basic brute forcer • Run the brute forcer and check the results
    5:26
    Analyzing the Results
    We need to improve the results of the brute forcer in order to facilitate the discovery of interesting resources. Let's do just this! • Add colors by status code • Add the number of characters, words, and lines of responses • Test the script and see the results
    5:18
    Adding More Information
    In this video, we will add the detection of redirections and generate more information about the responses, such as the time it takes the response and the MD5 hash of the content. • Detect the redirections • Add the response time and MD5 hash • Test the script and note the improvements
    3:55
    Taking Screenshots of the Findings
    When conducting an analysis of big web applications, having a screenshot of the discovered resources could be very handy. We need to add this capability by taking a screenshot of all the resources that return a 200 status code. • Explain which libraries we will use • Add the imports and the code to take the picture • Test this new feature
    4:16
  • Password Testing
    How Password Attacks Work?
    The most important security control in a web application is the authentication. Let’s learn password testing and the different approaches. • Explain how password cracking/testing works • Learn the different password testing approaches • Understand password policies and account locking
    4:57
    Our First Password Brute Forcer
    We want to create a brute forcer for Basic authentication in order to detect the valid passwords for a given user. • Learn what basic authentication is • Create our first password brute forcer • Test the new script against our test web application
    4:39
    Adding Support for Digest Authentication
    Some applications use an authentication method called Digest authentication, which is stronger and more secure than Basic authentication. We want to add support to this method to our script. • First, learn about Digest authentication • Then, modify our script to support this method • Finally, test the resulting script
    4:44
    Form-based Authentication
    You learned how to test Basic- and Digest-based authentication, but most of the web application use Form-based authentication, which is the famous login form. In this video, you will learn how we can brute force these forms. • Understand form authentication • Modify a previous script to add the form authentication feature • Run the script and then fine-tune it
    7:09
  • Detecting and Exploiting SQL Injection Vulnerabilities
    SQL Injection Vulnerability
    SQL injection vulnerabilities are one of the most dangerous issues that can affect a Web application. In this section, you will learn what it is, how it works, and see the difference between SQLi and Blind SQLi. • Learn what is SQL injection • Know how it works • See the difference between SQLi and Blind SQLi
    4:51
    Detecting SQL Injection Issues
    SQL injection is one of the most dangerous vulnerabilities in a web application. In this video, you will learn what the methods available for detecting it are, and then we will automate the process in Python. • Review the different methods to detect SQLi • Automate the detection of SQLI with Python • Add more detection capabilities to the script
    8:10
    Exploiting a SQL Injection to Extract Data
    This video will focus on what an attacker can do after they find a valid SQLi. We will review the options and automate some of them in our script. • Review the data that can be extracted • Automate the basic data and table discovery in our script • Obtain the user and password hashes from the DB
    6:01
    Advanced SQLi Exploiting
    When exploiting SQLi, one the most important parts is to identify the names of the tables in the DB in order to find interesting data. Another important option is reading OS files as we can obtain more passwords and get the source code of the app to find other vulnerabilities. • First, add the capability to read all the table names in the DB • Then, add a file-reading capability to our script • In the final step, we will run the script and note the results of the new functions
    3:56
  • Intercepting HTTP Requests
    HTTP Proxy Anatomy
    Being the proxy is one of the most useful tools in web app security testing. You will learn how it works, why they are used, and finally, the different types of HTTP proxies available. • Introduction to HTTP proxies • Learn why proxies are used/needed • Note the different types of HTTP proxies
    4:08
    Introduction to mitmproxy
    In this video, we will introduce mitmproxy and explain why it was chosen to learn about HTTP proxy in Python. • Introduction to mitmproxy • Basic HTTP proxying with mitmproxy • Brief introduction to inline scripts
    3:54
    Manipulating HTTP Requests
    The main functionality of an HTTP proxy is to intercept and manipulate traffic. In this video, we will note how to do this in mitmproxy. • Introduction to mitmproxy handlers • Write an inline script to log all the requests to a file • Write an inline script to modify all the requests that have query parameters
    6:54
    Automating SQLi in mitmproxy
    In the previous video, we saw how mitmproxy works and how to manipulate the HTTP communication. Now, let’s take a look at how can we put together what we discussed before about SQLi in order to scan for SQLi issues while we browse. • Review the process needed to check for SQLi in mitmproxy • Write an inline script that will search for SQLi in mitmproxy • Test the script against our vulnerable app
    4:39
    Wrapping Up
    In this video, we’ll look at wrapping up the course. • Review what you have learned • Provide guidance on resources to continue learning Web app security • Share some final words
    3:56

Skills

  • Python

Similar Courses

More Courses by this Instructor