- Insider attacks are more lethal than the one achieved by an external entity,so sometimes Black box testing would be a waste of money and time .
- Career as a penetration tester is not a sprint,it is a marathon.
- Important HTTP methods for penetration testing
- The GET method:passes the parameters to the web application via the URL itself.
- The POST method:is similar to the GET method and is used to retrieve data from the server but it passes the content via the body of the request.
- The HEAD method:The HEAD method is used by attackers to identify the type of server as the server only responds with the HTTP header without sending any payload.It’s a quick way to find out the server version and the date.
- The TRACE method:is used to identify any alterations to request by intermediary devices such as proxy servers and firewalls.The TRACE method to steal user’s cookies.
- The PUT/DELETE methods:are part of WebDAV,which is an extension to http protocol and allows management of documents and files on the web server.
- The OPTIONS method:used to query the server for the methods that it supports.
Session tracking using cookies:
- The ID could be shared using the GET method or the POST method.When using the GET method,the session ID would become a part of the URL;when using the POST method,the session ID is shared in the body of the HTTP message.The server would maintain a table mapping usernames to the HTTP message.
- the cookie is always set and controlled by the server.
- persistent and non-persistent cookies.
- HTTP is the communication mechanism used to transfer HTML formatted pages.
Three-tier web application:
- Presentation layer
- Application layer
- Data access layer