Your Lab





Summary

In this chapter you were taken through numerous tools that will aid in your learning and facilitate your practice by providing you an environment intentionally left vulnerable to attack. The following tools were exposed to you:

  • WebGoat

  • WebMaven

  • Hacme Bank/Hacme Books

  • MonkeyShell

  • Xoops

  • WASP

You have options in terms of how to approach your learning. You now have enough knowledge to build out your own Web app honeypot environments. For instance, you may want to tackle one tool presented at a time, which is fine. It all comes down to the way you learn. You may want to set up multiple tools at a time or you may want to just fast track yourself to hit the honeypot created for this purpose. This is entirely up to you.

The tools exposed to you here were intentionally not exposed in terms of solving the issues they pose. Giving you the solutions would do you no favors in terms of your learning. Throughout the book you have been exposed to the foundations of all the issues at hand and you have also seen tools and techniques to exploit such vulnerabilities. So cracking these bad boys is your task. You should also view these as a foundation for yourself and build upon them based on the experience you gain. Don’t limit yourself because out there in the field you will encounter different environments in just about every project you’re called for. You must readily, and systematically, adapt and overcome what is presented to you.

You have now reached the end of this Web app pen testing journey. You are now at the stage where you know how to do the following:

  • Find intimate details about your target

  • Focus on key areas of potential vulnerability

  • Exploit areas of vulnerability

  • Document and present your findings to your target audience

  • Assist in remediation efforts if called upon to do so

  • Practice on your own so you can be well trained when you get to do this for real

Some of the tools you have seen throughout this book overlap or provide very similar sets of functionality. You must see that there are many different ways of achieving the ultimate goal at hand, and which method you choose is entirely subjective. Your exposure to all these tools and different methods of getting to the same end point was done very deliberately because you will run into all kinds of foreign, and sometimes hostile, environments out there. A high level of flexibility and adaptability is key in order for you to succeed. You have been getting subtle tastes of this throughout the book.

The state of affairs in reference to all of this is very visible considering that on January 20, 2006, the FBI revealed (http://news.yahoo.com/s/nf/20060120/bs_nf/41074) that approximately 9 out of 10 companies have some type of computer security incident per year. How many of these were breaches that took place via the victim’s Web applications? Unfortunately the publicly available data is not that granular, but an educated guess would certainly position some attacks as being web-based. And if you like numbers, look here for further statistics to drive the point home: http://www.privacyrights.org/ar/ChronDataBreaches.htm. The software industry has hit a point where profits are directly coupled with the time-to-market of development. For this reason major software vendors, corporate developers, and independent consultants have all cut corners whether they admit it or not. Hence the insecure software environments we face on a daily basis.

If you have absorbed everything presented in this book, you now know how to at least gauge where your own web-based software sits in reference to the level of exposure for attack. You also know how to gauge the work of some external entity performing a Web app pen test at your request. Consider yourself an educated consumer in this respect.

Previous Section
Next Section


 Python   SQL   Java   php   Perl 
 game development   web development   internet   *nix   graphics   hardware 
 telecommunications   C++ 
 Flash   Active Directory   Windows