
Details

Release Info

Web ( Applications | Services ) are common attack vectors because they are usually publicly visible. After all, HTTPS 'makes the World go round.' Web Development teams often trade Security for rapid delivery, which is understandable, but it can leave your systems poorly protected and overly exposed. Web Application scanners, run regularly, help find common exposure points so your team can raise its Security posture.

Release Syllabus

Web Server Scanning

Intro to Web Server Scanning with Nikto - Module XV

  • Introduction - Nikto - Features
    • Discuss Nikto Features
    • Pinpoint useful online resources
    • Identify key systems in topology
    • Explore possible scan targets
  • Nikto Installation
    • Download Nikto Web Scanner
    • Perform Installation
    • Explore run-time environment
    • Discuss Plugins - Signatures - DBs
    • Peruse configuration entries
    • Mention key CLI options
  • Staging Scan
    • Identify Staging targets
    • Scan Staging to ascertain server metadata
    • Perform comprehensive scans of targets
    • Watch web logs while scans are ongoing
    • Alter display of Web Scan Requests and Responses
    • Rule out false positives
    • Adjust security posture where applicable
    • Re-scan and compare and contrast
  • Production Scan
    • Identify PROD web instance
    • Discern useful metadata with reconnaissance
    • Drill deeper to determine more relevant attributes
    • Attempt to identify vulnerabilities on target
    • Peruse findings accordingly
    • Suggest methods of filtering false-positives
  • Reporting | Logging
    • Compare STDOUT to Report Data
    • Discuss Logging | Reporting options and formats
    • Enable Reports on various scans
    • Vary target reports for Cron mode
    • Tweak scans and redirect output accordingly
  • SSL Scans
    • Discuss applicability
    • Identify key options
    • Enable SSL scanning on targets
    • Compare Staging and Production output
    • Examine supported ciphers on targets
    • Search for cipher weaknesses
    • Evaluate results
  • Proxy Server Relay Scans
    • Discuss pros and cons of Proxy Usage
    • Identify Squid Proxy Facility
    • Update Nikto configuration to support Proxy Usage
    • Perform Proxy Scans from multiple Web Scanners
    • Evaluate Proxy Requests | Responses in Real-Time
    • Compare and Contrast performance differentials
    • Evaluate results
  • Nikto Scan Tuning
    • Discuss features and benefits
    • Identify key Tuning Options
    • Filter scans to focus on targeted Plugins
    • Initiate multiple Tuned Scans
    • Evaluate Results
  • Web Application Attack Audit Framework (w3af)
    • Discuss features and benefits
    • Obtain sources
    • Fulfill dependencies
    • Launch and peruse interface
    • Execute common scans
    • Evaluate and discuss findings as scans proceed
  • 'apache-users'
    • Discuss features
    • Search target for UserDir support
    • Enable UserDir support
    • Enumerate confirmed system users
    • Search for non-system users
    • Alter search to handle different return values
    • Disable UserDir support
  • 'dirb'
    • Discuss features
    • Search web server for common content
    • Look for Apache vulnerabilities
    • Check for CGI-related issues
    • Check using multiple wordlists
    • Recurse to find additional directories
    • Discuss findings and possible remediations
  • Apache - Suppress Superfluous Bits n Bobs
    • Launch Burp Suite
    • Proxy Requests
    • Identify Superfluous items
    • Tweak Config
    • Mitigate data exposure
    • Re-Test
  • 'skipfish'
    • Discuss features
    • Scan Target
    • Peruse Report
    • Rectify XSS Concerns
    • Discuss various findings
    • Re-Scan
  • OWASP - ZAProxy
    • Discuss features
    • Quick Attack Target URL
    • Discuss findings
    • Tighten HTTP Headers
    • Re-Scan | Discuss findings
    • Explore default Spider Results
    • Expand results via SVN Spider
    • AJAX-Spider URL
    • Mitigate visible SVN Entries
    • Passively scan Web Application
    • Evaluate captured data
    • Active Scan - WebApp
    • Proxy valid user requests
    • Define WebApp user
    • Define Login/Logout indications
    • Perform Active Scan
    • Evaluate additional results
    • Process False Positives
    • Handle XSS Positive
