Questions and Answers on Web Application Pentesting
Why do some people type nano in the terminal? I enter the command and nothing shows up for me.
Below I share a collection of labs that I found while browsing the internet.
http://www.cis.syr.edu/~wedu/seed/all_labs.html - Developing Instructional Laboratories for Computer SEcurity EDucation.
https://github.com/jerryhoff/WebGoat.NET - This web application is a learning platform about common web security flaws.
http://sourceforge.net/projects/lampsecurity/ - LAMPSecurity Training.
https://github.com/Audi-1/sqli-labs - SQLI labs to test error based, Blind boolean based, Time based.
https://github.com/paralax/lfi-labs - Small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns.
http://azcwr.org/az-cyber-warfare-ranges - Free live fire Capture the Flag, blue team, red team Cyber Warfare Range for beginners through advanced users. Must use a cell phone to send a text message requesting access to the range.
http://blog.phdays.com/2012/05/once-again-about-remote-banking.html - Remote banking system containing common vulnerabilities.
http://azcwr.org/ - The ranges offer an excellent platform for you to learn computer network attack (CNA), computer network defense (CND), and digital forensics (DF). You can play any of these roles.
https://www.avatao.com - More than 350 hands-on challenges (free and paid) to master IT security and it's growing day by day.
https://github.com/psiinon/bodgeit - The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
http://www.itsecgames.com - bWAPP, or a buggy web application, is a free and open source deliberately insecure web application.
http://www.cyberdegrees.org/resources/free-online-courses - Free online cyber security Massive Open Online Courses (MOOCS).
https://github.com/commixproject/commix-testbed - A collection of web pages, vulnerable to command injection flaws.
https://github.com/SpiderLabs/CryptOMG - CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
https://cybersecuritybase.github.io/ - Cyber Security Base is a page with free courses by University of Helsinki in collaboration with F-Secure.
https://pod.cybersecuritychallenge.org.uk/ - Cyber Security Challenge UK runs a series of competitions designed to test your cyber security skills.
https://www.cybertraining365.com/cybertraining/FreeClasses - Cybertraining365 has paid material but also offers free classes. The link is directed at the free classes.
https://www.cybrary.it/ - Free and Open Source Cyber Security Learning.
https://github.com/stamparm/DSVW - Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports the majority of (most popular) web application vulnerabilities together with appropriate attacks.
https://code.google.com/archive/p/dvaa/ - Damn Vulnerable Android App (DVAA) is an Android application which contains intentional vulnerabilities.
https://github.com/logicalhacking/DVHMA - Damn Vulnerable Hybrid Mobile App (DVHMA) is a hybrid mobile app (for Android) that intentionally contains vulnerabilities.
http://damnvulnerableiosapp.com/ - Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable.
http://www.computersecuritystudent.com/SECURITY_TOOLS/DVL/lesson1/ - Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks.
https://github.com/praetorian-inc/DVRF - The goal of this project is to simulate a real-world environment to help people learn about other CPU architectures outside of the x86_64 space. This project will also help people get into discovering new things about hardware.
https://github.com/silentsignal/damn-vulnerable-stateful-web-app - Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe.
https://github.com/secvulture/dvta - DVTA is a Vulnerable Thick Client Application developed in C# .NET with many vulnerabilities.
http://www.dvwa.co.uk/ - Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
https://github.com/snoopysecurity/dvws - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.
https://github.com/interference-security/DVWS - Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
https://github.com/skepticfx/damnvulnerable.me - A deliberately vulnerable modern day app with lots of DOM-related bugs.
http://www.dareyourmind.net/ - Online game, hacker challenge.
https://github.com/payatu/diva-android - Damn Insecure and vulnerable App for Android.
https://www.enigmagroup.org/ - Safe security resource, trains in exploits listed in the OWASP Top 10 Project and teaches members the many other types of exploits that are found in today's applications.
https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material - The European Union Agency for Network and Information Security (ENISA) Cyber Security Training. You will find training materials, handbooks for teachers, toolsets for students and Virtual Images to support hands-on training sessions.
https://sourceforge.net/projects/exploitcoilvuln/?source=recommended - exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques.
https://exploit-exercises.com/ - exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues.
http://securitycompass.github.io/AndroidLabs/index.html - Set of labs and an exploitable framework for you to hack a mobile application on Android.
http://www.gameofhacks.com/ - This game was designed to test your application hacking skills. You will be presented with vulnerable pieces of code and your mission, if you choose to accept it, is to find which vulnerability exists in that code as quickly as possible.
https://sourceforge.net/projects/null-gameover/ - Project GameOver was started with the objective of training and educating newbies about the basics of web security and educate them about the common web attacks and help them understand how they work.
http://www.gh0st.net/?p=19 - A security research network where like-minded individuals could work together towards the common goal of knowledge.
http://neutronstar.org/goatselinux.html - GSL is a VMware image you can run for penetration testing purposes.
http://google-gruyere.appspot.com/ - Labs that cover how an application can be attacked using common web security vulnerabilities, like cross-site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF). Also you can find labs on how to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.
https://www.hackthissite.org/ - More than just another hacker wargames site, Hack This Site is a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything.
https://hackyourselffirst.troyhunt.com/ - This course is designed to help web developers on all frameworks identify risks in their own websites before attackers do and it uses this site extensively to demonstrate risks.
https://hack.me/ - Hack.me aims to be the largest collection of "runnable" vulnerable web applications, code samples and CMS's online. The platform is available without any restriction to any party interested in Web Application Security.
https://github.com/Hackademic/hackademic - Offers realistic scenarios full of known vulnerabilities (especially, of course, the OWASP Top Ten) for those trying to practice their attack skills.
https://github.com/rapid7/hackazon - A modern vulnerable web app.
http://www.hackertest.net/ - HackerTest.net is your own online hacker simulation with 20 levels.
https://www.hacking-lab.com/Remote_Sec_Lab/ - Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. Furthermore, Hacking-Lab is providing the CTF and mission style challenges for the European Cyber Security Challenge with Austria, Germany, Switzerland, UK, Spain, Romania and provides free OWASP TOP 10 online security labs.
http://payatu.com/hacksys-extreme-vulnerable-driver/ - HackSys Extreme Vulnerable Driver is an intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level.
https://www.hackthis.co.uk/ - Test your skills with 50+ hacking levels, covering all aspects of security.
http://hackxor.sourceforge.net/cgi-bin/index.pl - Hackxor is a web app hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.
http://halls-of-valhalla.org/beta/challenges - Challenges you can solve. Valhalla is a place for sharing knowledge and ideas. Users can submit code, as well as science, technology, and engineering-oriented news and articles.
http://hax.tor.hu/welcome/ - Provides numerous interesting “hacking” challenges to the user.
https://www.hellboundhackers.org/ - Learn a hands-on approach to computer security. Learn how hackers break in, and how to keep them out.
https://sourceforge.net/projects/holynix/files/ - Holynix is a Linux VMware image that was deliberately built to have security holes for the purposes of penetration testing.
http://hsctf.com/ - HSCTF is an international online hacking competition designed to educate high schoolers in computer science.
http://iase.disa.mil/eta/Pages/index.aspx - Great site with Cybersecurity Awareness Training, Cybersecurity Training for IT Managers, Cybersecurity Training for Cybersecurity Professionals, Cybersecurity Technical Training, NetOps Training, Cyber Law Awareness, and FSO Tools Training available online.
http://resources.infosecinstitute.com/free-cissp-training-study-guide/ - Free CISSP Training course.
https://safeandsecureonline.org/ - Site to empower students, teachers, and whole communities to secure their online life through cyber security education and awareness with the Safe and Secure Online educational program; information security scholarships; and industry and consumer research.
https://github.com/CSPF-Founder/JavaVulnerableLab - Vulnerable Java based Web Application.
https://challenges.ka0labs.org/home - Here you will find jeopardy-style challenges without stressful time-limits of regular CTFs.
http://www.kioptrix.com/blog/a-new-vm-after-almost-2-years/ - This vulnerable machine is a good starting point for beginners.
https://sourceforge.net/projects/lampsecurity/ - LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach Linux, Apache, PHP, MySQL security.
https://github.com/SpiderLabs/MCIR - The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
http://www.mcafee.com/us/downloads/free-tools/index.aspx - Search the page for HacMe and you'll find a suite of learning tools.
https://www.offensive-security.com/metasploit-unleashed/ - Free Ethical Hacking Course.
https://github.com/rapid7/metasploitable3 - Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
https://microcorruption.com/login - Challenge: given a debugger and a device, find an input that unlocks it. Solve the level with that input.
http://blog.cobaltstrike.com/2014/08/06/introducing-morning-catch-a-phishing-paradise/ - Morning Catch is a VMware virtual machine, similar to Metasploitable, to demonstrate and teach about targeted client-side attacks and post-exploitation.
http://www.bonsai-sec.com/en/research/moth.php - Moth is a VMware image with a set of vulnerable Web Applications and scripts.
https://sourceforge.net/projects/mutillidae/ - OWASP Mutillidae II is a free, open source, deliberately vulnerable web application providing a target for web-security enthusiasts.
https://www.mysterytwisterc3.org/en/ - MysteryTwister C3 lets you solve crypto challenges, starting from the simple Caesar cipher all the way to modern AES; they have challenges for everyone.
https://irtsectraining.nih.gov/publicUser.aspx - Short courses on Information Security and Privacy Awareness. They have a section for executives, managers and IT Administrators as well.
http://overthewire.org/wargames/ - The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project - OWASP Broken Web Applications Project is a collection of vulnerable web applications that is distributed on a Virtual Machine.
https://github.com/jackMannino/OWASP-GoatDroid-Project - OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users.
https://www.owasp.org/index.php/OWASP_iGoat_Project - iGoat is a learning tool for iOS developers (iPhone, iPad, etc.).
https://www.owasp.org/index.php/OWASP_Security_Shepherd - The OWASP Security Shepherd project is a web and mobile application security training platform.
https://pentesterlab.com/exercises/from_sqli_to_shell - This exercise explains how you can, from a SQL injection, gain access to the administration console, then in the administration console, how you can run commands on the system.
https://lab.pentestit.ru/ - Pentestit.ru has free labs that emulate real IT infrastructures. It is created for practising legal pen testing and improving penetration testing skills. OpenVPN is required to connect to the labs.
https://sourceforge.net/projects/peruggia/ - Peruggia is designed as a safe, legal environment to learn about and try common attacks on web applications. Peruggia looks similar to an image gallery, but contains several controlled vulnerabilities to practice on.
https://picoctf.com/ - picoCTF is a computer security game targeted at middle and high school students. The game consists of a series of challenges centered around a unique storyline where participants must reverse engineer, break, hack, decrypt, or do whatever it takes to solve the challenge.
http://www.professormesser.com/ - Good free training videos, not only on Security, but on CompTIA A+, Network and Microsoft related as well.
https://code.google.com/archive/p/puzzlemall/ - PuzzleMall - A vulnerable web application for practicing session puzzling.
http://pwnable.kr/ - 'pwnable.kr' is a non-commercial wargame site which provides various pwn challenges regarding system exploitation. While playing pwnable.kr, you could learn/improve system hacking skills but that shouldn't be your only purpose.
https://www.pwnerrank.com/ - A Capture The Flag platform dedicated to information security learning, training and practicing by solving a set of challenges.
http://www.pwnos.com/ - PwnOS is a vulnerable by design OS... and there are many ways you can hack it.
http://reversing.kr - This site tests your ability in Cracking & Reverse Code Engineering.
https://ringzer0team.com/challenges - Challenges you can solve and gain points.
http://www.risk3sixty.com/free-information-security-training/ - Free Information Security training video, an information security examination and the exam answer key.
https://www.root-me.org/ - Hundreds of challenges and virtual environments. Each challenge can be associated with a multitude of solutions so you can learn.
https://github.com/RPISEC/MBE - Modern Binary Exploitation Course materials.
https://github.com/RPISEC/Malware - Malware Analysis Course materials.
http://www.cyberaces.org/courses/ - SANS Cyber Aces Online makes available, free and online, selected courses from the professional development curriculum offered by The SANS Institute, the global leader in cyber security training.
http://21ltr.com/2012/06/19/21LTR-Scene-One-LiveCD/ - Scene One is a pen testing scenario liveCD made for a bit of fun and learning.
http://www.cis.syr.edu/~wedu/seed/all_labs.html - The SEED project has labs on Software, Network, Web, Mobile and System security and Cryptography labs.
https://github.com/dobin/SentinelTestbed - Vulnerable website. Used to test sentinel features.
http://sg6-labs.blogspot.nl/2007/12/secgame-1-sauron.html - Spanish language, vulnerable GNU/Linux systems.
http://www.slavehack.com/ - My personal favorite: Slavehack is a virtual hack simulation game. Great for starters, I've seen kids in elementary school playing this!
https://www.slavehack2.com/ - Slavehack 2 is a sequel to the original Slavehack. It's also a virtual hack simulation game but you will find features much closer to today's Cyber reality.
http://smashthestack.org/ - This network hosts several different wargames, ranging in difficulty. A wargame, in this context, is an environment that simulates software vulnerabilities and allows for the legal execution of exploitation techniques.
https://digi.ninja/projects/sockettome.php - SocketToMe is a little application for testing web sockets.
https://github.com/himadriganguly/sqlilabs - Lab set-up for learning SQL Injection Techniques.
http://sqlzoo.net/hack/ - Try your Hacking skills against this test system. It takes you through the exploit step-by-step.
https://suif.stanford.edu/~livshits/securibench/ - Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.
https://sourceforge.net/projects/thebutterflytmp/?source=navbar - The ButterFly project is an educational environment intended to give an insight into common web application and PHP vulnerabilities. The environment also includes examples demonstrating how such vulnerabilities are mitigated.
http://www.thisislegal.com/ - A hacker wargames site but also with much more.
http://www.try2hack.nl/ - Try2hack provides several security-oriented challenges for your entertainment. The challenges are diverse and get progressively harder.
http://www.amanhardikar.com/mindmaps/practice-links.html - UltimateLAMP is a fully functional environment allowing you to easily try and evaluate a number of LAMP stack software products without requiring any specific setup or configuration of these products.
http://vicnum.ciphertechs.com/ - Vicnum is an OWASP project consisting of vulnerable web applications based on games commonly used to kill time. These applications demonstrate common web security problems such as cross-site scripting, SQL injections, and session management issues.
https://www.vulnhub.com/ - An extensive collection of vulnerable VMs with user-created solutions.
https://www.rebootuser.com/?page_id=1041 - A vulnerable Linux host with configuration weaknesses rather than purposely vulnerable software versions.
http://www.thegreycorner.com/2010/12/introducing-vulnserver.html - Windows based threaded TCP server application that is designed to be exploited.
https://w3challs.com - W3Challs is a penetration testing training platform, which offers various computer challenges, in categories related to security.
https://github.com/adamdoupe/WackoPicko - WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
http://www.waed.info/ - WAED is pre-configured with various real-world vulnerable web applications in a sandboxed environment. It includes pen testing tools as well.
https://sourceforge.net/projects/websecuritydojo/ - Web Security Dojo is a preconfigured, stand-alone training environment for Web Application Security.
https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project - WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat.
http://www.wechall.net/ - Focussed on offering computer-related problems. You will find Cryptographic, Crackit, Steganography, Programming, Logic and Math/Science. The difficulty of these challenges varies as well.
https://xss-game.appspot.com - In this training program, you will learn to find and exploit XSS bugs. You'll use this knowledge to confuse and infuriate your adversaries by preventing such bugs from happening in your applications.
https://github.com/s4n7h0/xvwa - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
Hi, I have tried to register on the hackthissite.org page but I can't get in.
Regarding the ransomware attack initially detected in Spain (the company Telefonica), how Entel solved the problem:
Hello, we are constantly making improvements to our platform, trying to deliver a quality experience. What improvement would you like to make, or which do you think would be useful to you and to all users in the community? People who participate can automatically receive a scholarship; just send a message to our fan page with your contribution. https://www.facebook.com/BackTrackAcademy/
What improvement would you like to have on the Backtrack Academy platform?
Hello everyone;
I have watched and studied many courses on pentesting and I consider myself a basic-to-intermediate user in this area, especially with Metasploit, but the following doubt troubles me and always has;
Everywhere, including on this website, they explain how to carry out a pentest, blah blah blah, but nobody has ever told me, nor have I seen, how you really get started. I'll give an example: a neighbor, a small business owner, challenged me to break into his laptop, where he kept all the information about his business. I searched for all the information about him, in search engines, etc. But... I have to get into his network to start hacking or doing the intrusion test on his laptop. How do I get into his network if I don't have physical access to the network? It would have to be via Wi-Fi; how do we do that?? I have seen loads of ways to break Wi-Fi, but without success; I have a 43 GB dictionary, and nothing. They always talk about how to gather information and how to exploit, but if you can't do it by sending infected files or social engineering, and there is only the Wi-Fi, could you explain that? Thanks.
P.S.: I ended up looking like an idiot for not even being able to get into his network to at least begin the intrusion test on his laptop.