
Wednesday, December 30, 2015

Network Testing tools- Nmap

Hello Readers,

Welcome back :) So far we have covered web application architecture, web applications and their interception techniques. All of this is possible when we do whitebox testing. What if you have only the domain address or IP address of the target, in short, you need to perform black box testing? What should the approach for testing be? We will talk about this in this post.
Consider that you have the target IP or target URL. If you have the URL, obtain its IP by intercepting it in Burp and analyzing its IP. Now we need to scan this IP to know its port status. That is port scanning.
"Port is an endpoint of communication in an operating system. While the term is also used for hardware devices, in software it is a logical construct that identifies a specific process or a type of service".
To scan the ports offered by that server IP we will use the Nmap tool (Network Mapper).
Nmap allows us to know which ports are open or closed on a particular system, or to find out which operating system is in use.

Friday, December 25, 2015

Basic 4: Proxy intercepting tools- Part 2

Welcome Readers,

Well, we understood how to configure proxy tools. In this post I will tell you about some tricky conditions where you will be confused about why Burp is not intercepting traffic. Let's see them one by one.

Consider you are a security testing professional and you got an assignment for a web application security assessment. Depending on the situation, the application under test may be internet facing or intranet facing (Note: an intranet is an in-house network), and in an organization subnets are created to share internet via a single public facing IP address. To make it simple, read the example below.
Let's say there is an organization ABC with 3 departments: HR, IT and Finance. Each department has approximately 50-60 employees. To provide internet access to each employee's system, ABC bought a leased line from a service provider. ABC's network guy made multiple subnets to provide internet access to everybody, so now every system accesses the internet via the proxy provided by the network guy.
Condition 1: Coming back to testing, the first question that comes to a tester's mind is how to intercept internal applications. The answer is simple: we just need to configure the Burp tool as we configure it for HTTP applications.
Reason: Intranet applications are developed for internal use, so they are not accessible from the internet.
So we just need to put localhost in the browser and localhost in Burp.
Note: Sometimes you need system authentication while testing; that can be automated via Burp in Options > Connections > Platform Authentication.
In the Destination host field, put the application's intranet IP.

Basic 3: Proxy intercepting tools- Part 1

Hello Readers,

In this post we will learn about proxy tools and their configuration. In most web application testing, testers use the PortSwigger Burp Suite tool. It is an excellent proxy tool, with many features provided for manual as well as automated testing.
Well, I am not going to cover each and every feature of this tool. You will surely find everything about it on its website. I am going to cover its tricky parts, like configuring Burp in various ways to intercept most web applications.
In my career, when I started web application testing, I was a bit orthodox. I used to use the Paros and WebScarab tools because they have basic features and are easy to use and configure. But at some stage you need a more powerful tool that can automate and provide more scope to widen your testing skills. Certainly Burp was my answer. So I will advise you to start with the basic use of Burp so you will become familiar with its features.
Let's start with Burp's main window,

Saturday, December 19, 2015

Basic 2: Web Application Testing basics

Welcome Readers,

Today we will cover HTTP methods, response codes, types of interception tools and tips.

HTTP Methods:
In the last post we saw that the server always responds with a specific response code so that the browser can understand it and render the web page.
There are many HTTP methods that applications use, but the most commonly used are GET and POST. Apart from those there are the OPTIONS, TRACE, DELETE, PUT, CONNECT and HEAD methods.
A short description of each method:
GET: The GET method is used to retrieve information from the given server using a given URI. Requests using GET should only retrieve data and should have no other effect on the data.

Basic 1: Web Application Architecture

Welcome Readers,

Today we will cover some basics to start web application penetration testing. In simple terms, "Web APp HaCkiNg". Just remember, guys, we are doing this in an ethical way, so be careful when testing public websites. Caution: Do not exploit any website unless you have permission to do so. Always be ethical and responsible. Know everything before doing any hack.

So, coming to the basics, we will first understand what a WEB APPLICATION is.
We daily browse many websites like Facebook, LinkedIn, YouTube, Blogger etc. with browsers like Firefox, Safari, IE and Opera. That means we are accessing web applications using web browsers. Web apps are hosted on web servers. There are a number of web servers like Apache, IIS, ColdFusion etc. These web servers integrate with a database server and store the user/website data in different ways.
Take a look at the diagram below for a clear understanding,


Introduction to Information Security

Hello Techies,

This is my first blog post. I am starting this blog with the purpose "The Information Security".
As the name suggests, information security is about protecting information and keeping it secure. It sounds very simple, but the InfoSec domain is as vast as Information Technology.
We will first understand what information is and why to secure it. I would like to share a funny experience from when my first interviewer asked me this question.
"What do you mean by information and what measures will you take to secure it from someone?"
Being a noob in the information security field, I just answered, "Ohh, if I have some secret information then I will keep it inside a locker and will not share it with anybody."
Then he said, okay, by this you will achieve confidentiality, but what if you need that information and your locker is at home?
Then I answered, "Umm, okay, I will scramble that data and keep it with me." He said, "Okay, what if you have many pieces of information and you forgot the scrambling pattern of the respective piece of information?" You will lose Integrity of your information.

Little about me

Hello Friends,

I am Ninad Sarang, an information security specialist who loves to learn new technologies and tries to understand and implement them in an easy way. I am writing this blog to simplify the jargon of information security. I hope my blog will help you to learn many things. I will share my knowledge and experiences as much as possible.
Just stay tuned and visit frequently :)