• Insider attacks are more lethal than the one achieved by an external entity,so sometimes Black box testing would be a waste of money and time .
  • Career as a penetration tester is not a sprint,it is a marathon.
  • Important HTTP methods for penetration testing
    1. The GET method:passes the parameters to the web application via the URL itself.
    2. The POST method:is similar to the GET method and is used to retrieve data from the server but it passes the content via the body of the request.
    3. The HEAD method:The HEAD method is used by attackers to identify the type of server as the server only responds with the HTTP header without sending any payload.It’s a quick way to find out the server version and the date.
    4. The TRACE method:is used to identify any alterations to request by intermediary devices such as proxy servers and firewalls.The TRACE method to steal user’s cookies.
    5. The PUT/DELETE methods:are part of WebDAV,which is an extension to http protocol and allows management of documents and files on the web server.
    6. The OPTIONS method:used to query the server for the methods that it supports.

Session tracking using cookies:

  • The ID could be shared using the GET method or the POST method.When using the GET method,the session ID would become a part of the URL;when using the POST method,the session ID is shared in the body of the HTTP message.The server would maintain a table mapping usernames to the HTTP message.
  • the cookie is always set and controlled by the server.
  • persistent and non-persistent cookies.
  • HTTP is the communication mechanism used to transfer HTML formatted pages.

Three-tier web application:

  1. Presentation layer
  2. Application layer
  3. Data access layer