Penetration testing for PHP security vulnerabilities


It all boils down to what you want; you may use Burp Suite, which is a great manual pentesting tool with a nice community and online resources that allows you to perform pen tests efficiently.

You might want to try automatic web application scanners such as Acunetix Web Vulnerability Scanner, which also comes with manual pentesting tools and automatic crawling and scanning of a site (which is great IMO). They also offer free 14-day trials, which should be more than enough for your purpose.

I always believe pentesting should start off with automated software tools as mentioned above and reinforced with manual intervention to make sure you tested the application effectively.

There's no right or wrong way to do it; however, the above method is what many opt for. You might also want to read the Hacker's Handbook by Dafydd Stuttard and Marcus Pinto. This gives a great overview of web applications, how to penetrate them and how to safeguard them.

You can make use of utility tools such as Nmap and OpenSSL to confirm or attempt to discover vulnerabilities within an application.

Author by

Admin

Updated on September 12, 2022

Comments

  • Admin
    Admin over 1 year

    I am doing an undergrad research paper on "Identifying and Testing security vulnerabilities in websites". Initially I thought I would test manually, as I had specified in my methodology that I would only test for a few chosen vulnerabilities, i.e. SQL injection, cross-site scripting, error reporting, session hijacking and input validations. But as I continued researching, I found all articles and tutorials suggested software.

    I have a few websites that my mates administer, so I want to conduct testing on their sites. I am checking for a few vulnerabilities on half a dozen websites. Should I use penetration testing tools or just do dynamic penetration testing without software?

  • Juxhin
    Juxhin almost 9 years
    @Soobax - Not at all. My first attempt at "pentesting" was SQL Injection using Google Chrome alone. Whilst I don't wish to provide online resources (as they're located on the darker side of the web), you have to understand that there are certain legal implications accompanied with such activity and you should get explicit permission from the server owners prior to attempting to breach their system in any way. Vulnerabilities such as SQLi/BSQLi/XSS (all 3 major types) and so on are all reproducible via a browser; however, they would take much more effort to perform correctly and effectively.
  • Juxhin
    Juxhin almost 9 years
    @Soobax - A general suggestion granted you're in the current position is to deliberately make part of the applications you wish to test vulnerable to specific attacks. If you would like me to extend my answer to give solid examples I may do so.
  • Admin
    Admin almost 9 years
    I have taken permission from the web admins. I just want to perform basic testing to make sure security measures are implemented properly in PHP. What would you suggest would be my best bet?
  • Juxhin
    Juxhin almost 9 years
    Do you have permission to add or modify certain parts of their web application to make them deliberately vulnerable?
  • Admin
    Admin almost 9 years
    Yes, can you please expand on that?
  • Juxhin
    Juxhin almost 9 years
    @Soobax Will do so, just give me some time. Will notify you when my answer has been updated.
  • Admin
    Admin almost 9 years
    No, I have to test whether security measures are implemented properly. Maybe I can use 'acunetix' to perform detailed testing and extract the data that I require.
  • Juxhin
    Juxhin almost 9 years
    @Soobax If you need to test that the application IS safe then you would have to adopt a different approach to proving it. The main key is how the web application handles user input (encoding/salts and so on). If this is the case then there are millions of articles online to read from that will definitely help you. However, I would start from the OWASP top 10 vulnerabilities, say SQL Injection. See how the web application handles maliciously crafted SQL queries in the URL as a start.
  • Juxhin
    Juxhin almost 9 years
    @Soobax - If you have any more queries feel free to drop me an email if you like (it's in my profile description) instead of keeping it here. If you think the current answer answered your original question you may go ahead and mark it as accepted in order to close this question off.