• admin
• April 14, 2023
• No Comments

Approach.

A common inquiry I often receive is, “What steps can I take to enhance my skills in web application security and which path should I follow?” In light of this question, I believe it would be beneficial to share insights in a blog post. Just like any other field, proficiency in web application security is cultivated through practical experience. The more you practice and familiarize yourself with diverse security issues, the more you will progress in this field

A good starting point in web application security is to thoroughly understand the OWASP Top 10. If you’re unfamiliar with OWASP, it’s a free community that aims to address security vulnerabilities in web applications and ensure their secure protection. This community publishes a list of the most prominent security vulnerabilities at regular intervals. It’s crucial to not only learn about these vulnerabilities, but also understand how they can be exploited and how you can implement effective security measures to mitigate them. Web security is akin to a tree with many branches, where the OWASP Top 10 represents the visible part of the tree, but there are numerous other branches and sub-branches. For instance, the Injection category has various types of injections that you should also familiarize yourself with. It’s important to note that web application security extends beyond just the OWASP Top 10 and involves a vast landscape of potential vulnerabilities to explore and protect against

Where can we practice web application security to improve our skills?

• Portswigger- Web Security Academy
• Buggy Web Application (BWAPP)
• (DVWA) Vulnerability Web Application
• OWASP Juice Shop
• Hellbound Hackers
• ThisIsLegal
• Game Of Hacks
• Vulnweb — Acunetix
• Invicti Testing Web Site — PHP

What are some tools commonly utilized for conducting web application security tests?

1. Burpsuite:

• One tool that is often favored by security researchers, and frequently tops many lists, is Burp Suite. Burp Suite is a robust platform designed specifically for web application security testing. It acts as a proxy, intercepting and capturing traffic between browsers and web pages, enabling users to manipulate and automate modifications to web requests. In addition to its proxy capabilities, Burp Suite offers comprehensive features for detailed enumeration and analysis of web applications. It’s worth mentioning that the annual license fee for Burp Suite can be easily offset by participating in bug bounty programs, where a single successful submission can earn a reward of $400 or more.

2. Postman:-

• The SC-900 exam is available in 13 language options, allowing you to choose the language that best suits your needs. These language options include English, Japanese, Chinese (Simplified), Korean, French, Spanish, Portuguese (Brazil), Russian, Arabic (Saudi Arabia), Indonesian (Indonesia), German, Chinese (Traditional), and Italian.
• While not specifically designed as a security tool, this rest client is a valuable resource for testing backend APIs. It enables you to conduct security tests on APIs, making it a tool worth including in my list due to its frequent use.

3. Tools You Can Use for Exploration:-

Discovery plays a crucial role in web application security testing, particularly when conducting Black Box testing. Without a predefined scope, you must independently identify and investigate the attack surface. Here are some tools that I can suggest to aid you in this process

1. OWASP Amass
2. SubBrute
3. Knock
4. DNSRecon
5. Sublist3r
6. Aquatone
7. Subfinder

While there are numerous tools available across various categories, I have provided a brief overview to give you an idea. You can easily find more information by conducting a simple Google search.

4. Applications that facilitate regular note-taking for recording findings:-

I strongly emphasize the importance of regularly documenting your findings during web application testing. These findings are crucial for creating a comprehensive report. It is essential that your team members who are responsible for report writing can easily understand and incorporate the notes you have taken. Therefore, I will share a few recommended note-taking practices.

1. Keepnote
2. CherryTree
3. Notion
4. SwiftnessX
5. Evernote

5. Which browser plug-ins can be useful for web application security tests?

1. Hackbar
2. Cookie-Editor
3. Hack-Tools
4. HTTP Header Live
5. Firefox Multi-Account Containers
6. Wappalyzer
7. Flagfox
8. JSONView
9. User-Agent Switcher and Manager
10. HackBar Quantum
11. HackBar V2
12. FoxyProxy Standard
13. HackTools
14. XML Viewer Plus

5. Which browser plug-ins can be useful for web application security tests?

In our source code security tests, we utilize tools such as Micro Focus Fortify Static Code Analyzer, SonarQube, Checkmarx, and Coverity. However, it’s worth noting that these tools are not free and are typically preferred by companies with dedicated security teams for this purpose.

What are some recommended books for enhancing your knowledge of web application security.

1. The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws
2. The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
3. Web Application Security: Exploitation and Countermeasures for Modern Web Applications
4. Hack, Learn, Earn
5. Real-World Bug Hunting: A Field Guide to Web Hacking
6. Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities
7. ASP.NET Core 5 Secure Coding Cookbook: Practical recipes for tackling vulnerabilities in your ASP.NET web applications
8. Developer’s Guide to Web Application Security

As every security researcher possesses a unique perspective and knowledge base, conducting web security assessments from diverse viewpoints is vital in identifying specific vulnerabilities. This approach greatly contributes to maintaining web security. To enhance your understanding of web security vulnerabilities, I recommend focusing on bug bounty programs. By participating in bug bounty programs, you will encounter various test environments and challenge yourself to identify security issues from different angles. This iterative learning process leads to acquiring more knowledge through experimentation and discovery of findings. Additionally, considering the economic situation, engaging in bug bounty programs can be a viable way to earn foreign currency in your free time or on weekends. I will be providing a more detailed article on this topic to further elaborate on its benefits.

Which bug bounty programs should you consider signing up for?

1. HackerOne
2. Bugcrowd
3. Open Bug Bounty
4. Intigriti
5. YesWeHack
6. Synack (Special)
7. Zerocopter (Special)
8. HackenProof (Crypto Projects )

Which bug bounty programs should you consider signing up for?

experimentation and discovery of findings. Additionally, considering the economic situation, engaging in bug bounty programs can be a viable way to earn foreign currency in your free time or on weekends. I will be providing a more detailed article on this topic to further elaborate on its benefits.

1. GIAC Web Application Penetration Tester (GWAPT) – Keeping the points in mind, maintaining certification
2. GIAC Certified Web Application Defender (GWEB) – Sustaining certification with a focus on points
3. elearnSecurity eWPT Certification – Ensuring certification points are maintained.
4. elearnSecurity eWPTXv2 Certification – Keeping up with certification points for eWPTXv2
5. Offensive Security Web Expert (OSWE) – Maintaining certification points for OSWE

Burp Suite Certified Practitioner – Ensuring certification points are maintained for Burp Suite

• Here are some tips for enhancing your skills in web application security:
• Don’t shy away from experimentation, as web application security is practice-based. Experimenting and trying new things can help you improve.
• Focus on finding security issues and perspectives. Stay updated with the latest security issues to better assess and research potential vulnerabilities.
• Maintain a systematic approach during security tests. Taking notes regularly and following a step-by-step process can be beneficial.
• Understand software development logic. Familiarize yourself with the software development process to better identify advanced security vulnerabilities.

Overall, I have addressed how you can enhance your skills in web application security. Take care, and I look forward to your next post