Ethical Hacking Training with bWAPP Pentest lab

By admin → Sunday, January 5, 2014

Hello buddies, after a short break I'm back with an interesting post on creating a pentesting lab with bWAPP. bWAPP is one of the cutest web pentesting labs for beginners to get started and learn web app hacking. I've written many penetration testing articles; this one is also a little amazing and helpful for noobs and beginners.

What is bWAPP?
bWAPP, or a buggy web application, is a free and open source web application built to allow security enthusiasts, students and developers to better secure web applications. It is for educational purposes only. bWAPP contains all types of OWASP Top 10 (2013) vulnerabilities.

bWAPP has many types of vulnerabilities, like:
  • HTML, SQL, LDAP, XML, Get, Post, Cookies, Command etc Injection
  • Stored, Reflected, DOM, Get, Post etc Cross Site Scripting (XSS)
  • Broken Auth. & Session management
  • Forgot Password, Function, Insecure transport etc
  • Password attacks, Cookie Stealing, HTTP Management etc
  • Strong Session, Logout Management etc
  • Insecure Direct Object Reference
  • Cross Site Request Forgery (CSRF)
  • Security Misconfiguration 
  • Insecure Cryptographic Storage
  • Failure to Restrict URL Access
  • Insufficient Transport Layer Protection
  • Unvalidated Redirects and Forwards
Other bugs:
  • Client-Side Validation (Password)
  • Directory Traversal - Files
  • HTTP Response Splitting
  • Information Disclosure - Headers
  • PHP Eval Function
  • Remote & Local File Inclusion
  • Unrestricted File Upload
And around 30+ more Bugs for Pentesting.

How to install bWAPP on Windows?
It is a little hard but very simple, haha; just complete the following requirements:

Requirements:
I won't show a tutorial for installing WAMP server, because it's very easy: download and install WAMP server on your system and start it.
  • Installing bWAPP is kinda easy, watch the video below:
  • Start learning from the first level to the last; it's totally free. Learn some basic HTTP/TCP and IP networking.
  • And soon I'm also gonna post many ethical hacking methods.
