Short & simple guide on attacking Web Security

Hey 0x00ers,

Throughout all the posts I’ve lurked on, I’ve realised that a lot of people lack knowledge within the Web Security sector and they wouldn’t mind learning it - as it is pretty fun. Now, this thread will include a variety of different links, and it will be talking about Web Security from an attacker’s point of view and not a defender. I will supply you with all the materials I use that are really good to read and use. Of course, if you have any other materials then post below so that it makes it easier for other people to learn :smiley:

The first thing I did was look at what attack types there are within the Web Security sector, and the website I chose for this is https://www.owasp.org/index.php/Category:Attack purely because it’s one of the good ones out there, if not the best.

After I was familiar with certain attack types (such as XSS, CSRF, IDOR, SQLi, and more) I decided to download Burp Suite as it is a tool that has the ability to crawl for endpoints, allow you to send multiple requests to specific websites and endpoints, allows you to view the response in HTML format from that request, allows you to bruteforce simultaneously and so on. It’s the best tool that I have ever used and I wouldn’t hesitate paying for the Pro version. However, I’m not attempting to write a review on Burp so let’s move on.

After I was familiar with attack types & the use of Burp I decided to participate in CTFs and hacking boxes and doing web challenges that are on https://hackthebox.eu and CTFs like https://ctf.hacker101.com/ and https://picoctf.com

After I played around with the boxes and challenges, I still wanted to learn more as the journey isn’t finished (p.s: and it never will be, for anyone). I decided to start reading writeups as a lot of people attack websites differently whether it’s the use of programs, methods or filtering. A good website for reading writeups is https://pentester.land/list-of-bug-bounty-writeups.html which includes a ton of them. Reading writeups is a thing that every pentester / bug bounty hunter should do as it lets you know about attacking an input field in ways you might’ve not known, or how to deal with a bit of filtering and such.

I’m for sure not a professional, but this was only a short guide to get people started off within the Web Security sector on the attacking side. :slight_smile:

If you have anything to add, don’t hesitate to comment!

7 Likes

Hacker101 also offers a web hacking 101 ebook.

I would like to see you share your own write-ups soon! Have you taken notes while learning each topic / attack?

1 Like

I don’t tend to write writeups myself & publish them as I haven’t really had any nice bugs or anything like that that I could write about. If it’s an RCE or XXE or something, then sure but anything else it would have to be a nice bug that takes quite a lot of escalation or just doing. I still have a lot to learn about other attacks too so :stuck_out_tongue:

As for the notes part, I always take notes when I’m hunting for bugs so that I don’t forget certain stuff on the website I’m attacking (if that’s what you meant by notes).

I meant more along the lines of while you were learning what XSS is, different ways you managed to implement it, and best practices to defend against it.
