Open navigation menu

Scribd

0% found this document useful (0 votes)

16 views5 pages

Web Security Workshop

Uploaded by

Copyright

© © All Rights Reserved

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

16 views5 pages

Web Security Workshop

Uploaded by

Copyright

© © All Rights Reserved

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 5

Exercise 1: Port Scanning

Kali linux Port scanning tool

Use nmap

1.1 Port Scanning

Nmap scanme.nmap.org

1.2 Scan in details

sudo nmap -v -sT -sV -O scanme.nmap.org

sudo systemctl start ssh.socket

Create a user

sudo useradd jawwad -p test

sudo passwd username

ssh username@127.0.0.1
Exercise 2. Password Sniffing using Wireshark

Task 2.1 Launch wireshark on Kali Linux

This is used for sniffing network packets

Task 2.2 Launch a vulnerable website which does not use https

http://testphp.vulnweb.com/login.php

Task 2.3 Launch a genuine website which uses https

Observe difference on wireshark
Exercise 3. SQL Injection using Webgoat

Using Webgoat for SQL Injection Attack

Task 2.1

sudo docker run -p 127.0.0.1:8080:8080 -p 127.0.0.1:9090:9090 webgoat/webgoat

Launch Webgoat

Open browser and type

http://127.0.0.1:8080/WebGoat/login

Task 2.2 SQL Queries Injection Attack

1) SELECT * FROM EMPLOYEES WHERE USERID=96134

2) UPDATE EMPLOYEES SET department='Sales' WHERE USERID='89762'

3) ALTER TABLE employees ADD phone varchar(20)

Task 2.3 SQL Grant Unprivileged Access

1) GRANT all ON grant_rights TO unauthorized_user

Task 2.3 Unauthorized Access

SELECT * FROM user_data WHERE first_name = 'John' AND last_name = '

Task 3 Cross site scripting Attack

https://hackmd.io/@DaLaw2/ByD70wAM2#Cross-Site-Scripting
Task 4 Dictionary Attack

hydra -l username-p password 127.0.0.1 ssh

Password spraying

Password is known but user is unknown

Create a file

sudo nano users.txt

hydra -L users.txt -p password 127.0.0.1 ssh

Dictionary Attack

$ hydra -L users.txt -P /usr/share/wordlists/rockyou.txt 127.0.0.1 ssh

more rockyou.txt

cat rockyou.txt

Task 5 ZAP

You might also like

Hacking and Linux
No ratings yet
Hacking and Linux
397 pages
Kali Linux Tools
100% (1)
Kali Linux Tools
5 pages
Virtual Hacking Labs Virtual Hackin
No ratings yet
Virtual Hacking Labs Virtual Hackin
382 pages
CTF - Kioptrix Level 2 - Walkthrough Step by Step: @hackermuxam - Edu.vn
No ratings yet
CTF - Kioptrix Level 2 - Walkthrough Step by Step: @hackermuxam - Edu.vn
10 pages
Ethical Hacking Attacks Using Kali Linux
No ratings yet
Ethical Hacking Attacks Using Kali Linux
24 pages
Exploiting of Metasploit Machine Assessment Report: Assignment-3
No ratings yet
Exploiting of Metasploit Machine Assessment Report: Assignment-3
29 pages
Penetration Testing Step-By-Step Guide
92% (12)
Penetration Testing Step-By-Step Guide
417 pages
PEN-200 Lab Report
No ratings yet
PEN-200 Lab Report
9 pages
Task 1
No ratings yet
Task 1
48 pages
Kali Linux - Website Penetration Testing - Tutorialspoint
No ratings yet
Kali Linux - Website Penetration Testing - Tutorialspoint
23 pages
Cyber Security - Merged
No ratings yet
Cyber Security - Merged
49 pages
OSCP Training - 01
100% (3)
OSCP Training - 01
105 pages
23CV3 ST#is#7637 Assignment 8
No ratings yet
23CV3 ST#is#7637 Assignment 8
21 pages
EH-13-L1 Ethical Hacking Final Project
No ratings yet
EH-13-L1 Ethical Hacking Final Project
22 pages
Penetration Testing With Kali Linux (PWK)
67% (3)
Penetration Testing With Kali Linux (PWK)
6 pages
Lab Guide For Student
No ratings yet
Lab Guide For Student
15 pages
9th August 2024 Current Affair by Ashish Gautam Old
No ratings yet
9th August 2024 Current Affair by Ashish Gautam Old
56 pages
CS Lab Mannual
0% (1)
CS Lab Mannual
49 pages
PEN-200 Lab Report
No ratings yet
PEN-200 Lab Report
8 pages
Presentation Dhananjaya B-1
No ratings yet
Presentation Dhananjaya B-1
70 pages
CyberSecurity Project Report
No ratings yet
CyberSecurity Project Report
4 pages
Cyber Security Internship Report (Beginner)
No ratings yet
Cyber Security Internship Report (Beginner)
18 pages
ENH811S Lab 2 and 3 Scanning and Enumeration
No ratings yet
ENH811S Lab 2 and 3 Scanning and Enumeration
3 pages
Kali Linux Ethical Hacking Commands
No ratings yet
Kali Linux Ethical Hacking Commands
2 pages
Penetration Testing With Kali Linux - 5 Days
50% (2)
Penetration Testing With Kali Linux - 5 Days
9 pages
Ethical Hacking Checklist
No ratings yet
Ethical Hacking Checklist
15 pages
Section 1: What Is Ethical Hacking?: Learning Kali Linux
No ratings yet
Section 1: What Is Ethical Hacking?: Learning Kali Linux
10 pages
Verzeo November Major Project
No ratings yet
Verzeo November Major Project
72 pages
Lab 2
No ratings yet
Lab 2
5 pages
Assignment CSCI369 SPR 2022 WG
No ratings yet
Assignment CSCI369 SPR 2022 WG
6 pages
Lecture 1
No ratings yet
Lecture 1
48 pages
1
No ratings yet
1
14 pages
Document 1
No ratings yet
Document 1
40 pages
JKKJN
No ratings yet
JKKJN
28 pages
PSNA Dec 2024
No ratings yet
PSNA Dec 2024
5 pages
Exp 6
No ratings yet
Exp 6
10 pages
Lab - 04 Linux Privilege Escalation
No ratings yet
Lab - 04 Linux Privilege Escalation
8 pages
Lab - CTF Walkthrough - EVM 1
No ratings yet
Lab - CTF Walkthrough - EVM 1
10 pages
23e05-St#is#6532 Task-04
No ratings yet
23e05-St#is#6532 Task-04
24 pages
Student Manual For Comprehensive Scenario
No ratings yet
Student Manual For Comprehensive Scenario
3 pages
Lab 2 Port Scanning
No ratings yet
Lab 2 Port Scanning
14 pages
Security Report Lab3
No ratings yet
Security Report Lab3
22 pages
Backdoor
No ratings yet
Backdoor
13 pages
Practicals 3
No ratings yet
Practicals 3
5 pages
Kali Linux Cheat Sheet
No ratings yet
Kali Linux Cheat Sheet
3 pages
Hydra Brute Force Lab Task
No ratings yet
Hydra Brute Force Lab Task
5 pages
Task 1:: Run The Vmware Workstation and Click On Create A New Virtual Machine Option
No ratings yet
Task 1:: Run The Vmware Workstation and Click On Create A New Virtual Machine Option
24 pages
A Simple Penetration Testing Practice
No ratings yet
A Simple Penetration Testing Practice
10 pages
Kali Linux Course Requirements
No ratings yet
Kali Linux Course Requirements
4 pages
Section 10 Understanding Common Endpoint Attacks Lab
No ratings yet
Section 10 Understanding Common Endpoint Attacks Lab
25 pages
Lab Simple
No ratings yet
Lab Simple
5 pages
Linux Basics For Hackers: Getting Started With Networking, Scripting, and Security in Kali
No ratings yet
Linux Basics For Hackers: Getting Started With Networking, Scripting, and Security in Kali
7 pages
Lab
No ratings yet
Lab
20 pages
Module 5 Lab
No ratings yet
Module 5 Lab
6 pages
Lab - CTF - Basic Pentesting
No ratings yet
Lab - CTF - Basic Pentesting
12 pages
CCS340 Set 1
No ratings yet
CCS340 Set 1
2 pages
Lab 2
No ratings yet
Lab 2
3 pages
Ethical Hacking
No ratings yet
Ethical Hacking
6 pages
Lab Exercises - XFSC-7021-MC1 - Network Security Kali Linux - 49070 - Online
No ratings yet
Lab Exercises - XFSC-7021-MC1 - Network Security Kali Linux - 49070 - Online
2 pages
Some Tutorials in Computer Networking Hacking
From Everand
Some Tutorials in Computer Networking Hacking
Dr. Hidaia Mahmood Alassouli
No ratings yet

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies:

Alternative Proxy