1
00:00:00,530 --> 00:00:04,140
So finally, we're going to get into the actual hacking part.

2
00:00:04,790 --> 00:00:05,930
I know you're impatient.

3
00:00:06,020 --> 00:00:06,980
No, I'm just kidding.

4
00:00:07,030 --> 00:00:09,860
I know you're eager, and that's a good thing.

5
00:00:11,100 --> 00:00:21,540
So you've got the idea of the web and web applications and the interconnectivity and all that, the specifications

6
00:00:21,540 --> 00:00:25,650
and how all the standards work and what they actually mean to us.

7
00:00:26,940 --> 00:00:33,960
So now it's time to start practicing real hacking in the lab. Now, following a methodology like the

8
00:00:33,960 --> 00:00:36,750
OWASP Testing Guide is really useful.

9
00:00:37,560 --> 00:00:43,830
And for the most part in these guides, you will see testing procedures that are divided into different

10
00:00:43,830 --> 00:00:47,970
stages, such as reconnaissance, exploitation and reporting.

11
00:00:48,930 --> 00:00:55,740
So here, when I was creating this course, I pretty much did the same and divided the web penetration testing

12
00:00:55,740 --> 00:00:58,140
procedures into seven different stages.

13
00:00:58,560 --> 00:01:01,020
And these are mostly acceptable in the field.

14
00:01:02,240 --> 00:01:04,170
You can start from wherever you want to.

15
00:01:04,190 --> 00:01:11,060
I don't want to force you, but to me, I really do advise you to follow along sequentially with every part

16
00:01:11,060 --> 00:01:13,640
and then perform all of the different steps.

17
00:01:14,970 --> 00:01:21,270
Because you have to remember, your aim is to identify as many bugs as you can as a penetration

18
00:01:21,270 --> 00:01:21,450
tester.

19
00:01:22,330 --> 00:01:29,610
So that way you can cover every aspect of the application, no stone unturned, so to speak.

20
00:01:31,000 --> 00:01:33,790
So let's get started with information gathering.

21
00:01:35,580 --> 00:01:37,230
Reconnaissance and discovery.
22
00:01:38,130 --> 00:01:45,030
So information gathering or reconnaissance or discovery, it all means the same thing to us.

23
00:01:45,900 --> 00:01:49,640
It's, to me, the crucial stage of pen testing.

24
00:01:50,220 --> 00:01:53,160
So allow me to identify this phase like this.

25
00:01:53,580 --> 00:01:59,160
It's a phase in which we will extract information regarding the target that we're attempting to hack.

26
00:01:59,550 --> 00:02:06,420
And then this information can be anything directly or indirectly about the target application or the

27
00:02:06,420 --> 00:02:06,960
customer.

28
00:02:07,440 --> 00:02:12,000
Remember the video about attack surfaces? When doing a web pen test,

29
00:02:12,000 --> 00:02:16,860
we need to explore all the possibilities of breaking into the web application.

30
00:02:17,830 --> 00:02:24,610
That's why we need to know about the application, database, server, as well as the users. So the more

31
00:02:24,610 --> 00:02:30,490
information we gather about the target, the more options we will have while we're testing.

32
00:02:31,380 --> 00:02:34,380
Now, to be more specific, this phase includes:

33
00:02:35,280 --> 00:02:42,900
identifying the IP addresses, subdomains and related information; accumulating information about the

34
00:02:42,900 --> 00:02:50,910
target website from publicly available resources such as Google, Bing, yeah, archive.org and Shodan;

35
00:02:51,780 --> 00:02:59,190
identifying people related to the target with the help of social networking sites such as Facebook or

36
00:02:59,190 --> 00:03:06,750
Twitter; spidering the web application and creating site maps to understand the flow of the application.

37
00:03:08,020 --> 00:03:12,670
You really should consider any information gathered at this stage important.
38
00:03:14,020 --> 00:03:20,650
Because even a small bit of information that looks like it could be nothing may help you exploit in

39
00:03:20,650 --> 00:03:27,910
the later stages of the test. The success of the penetration test depends on the quality of the information

40
00:03:27,910 --> 00:03:30,070
gathered in this stage.

41
00:03:30,730 --> 00:03:31,040
Cool.