penetration testing – w3af tool pinzariu marian – miss 2 george blendea – miss 2
TRANSCRIPT
![Page 1: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/1.jpg)
Penetration testing – W3AF
ToolPinzariu Marian – MISS 2
George Blendea – MISS 2
![Page 2: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/2.jpg)
W3AF – About
•W3AF = Web Application Attack and Audit Framework• Started in 2006 as an Open Source Project• Licensed under GPLv2.0• Entirely written using Python• Recently the adopted development process was TDD
(Test Driven Development)
![Page 3: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/3.jpg)
W3AF – Objectives
• Create the biggest community of Web Application Hackers• Become the best Open Source Web Application Scanner• Become the best Web Application Exploitation
Framework• Combine static code analysis and black box testing into
one framework
![Page 4: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/4.jpg)
W3AF – Extensible with Plugins
![Page 5: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/5.jpg)
W3AF – Vulnerability Detection (Over 200)
• SQL Injection• Cross Site Scripting/Cross-Site Request Forgery• DOM XSS• Buffer Overflow• Brute Force Authentication• Click Jacking• Cross Domain• Command Injection• XPath Injection•… and so on
![Page 6: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/6.jpg)
W3AF – Supported Platforms
• All Python supported platforms• Has been tested in various Linux Distributions, Mac OSX,
FreeBSD and OpenBSD•Windows compatible, but not officially supported
![Page 7: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/7.jpg)
W3AF – Ranking on sectools.org
• From 125 tools
![Page 8: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/8.jpg)
W3AF – Installation
![Page 9: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/9.jpg)
W3AF Usage – Find XSS and SQL injections• 1) Set Target URL
![Page 10: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/10.jpg)
• 2) Activate plugins for vulnerabilities that we want to detect
W3AF Usage – Find XSS and SQL injections
![Page 11: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/11.jpg)
• 3) Save current settings (Optional)
W3AF Usage – Find XSS and SQL injections
![Page 12: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/12.jpg)
• 4) Click “Play” and explore the results
W3AF Usage – Find XSS and SQL injections
![Page 13: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/13.jpg)
USE CASE 1 – FULL AUDIT
• Contains scans for a number of vulnerabilities
• Xss, sqli, csrf, brute force
![Page 14: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/14.jpg)
USE CASE 1 – FULL AUDIT
• Results are offered in tree view after scan is completed
![Page 15: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/15.jpg)
USE CASE 1 – FULL AUDIT
• Request and location is indicated
alongside the tree view
![Page 16: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/16.jpg)
USE CASE 1 – FULL AUDIT
• The w3af UI also returns an URL
map on scan completion
![Page 17: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/17.jpg)
USE CASE 2 – BRUTE FORCE – CONSOLE INTERFACE• The console interface is straightforward
• For performing a bruteforce vulnerability scan the brutefoce plugins have to be enabled
• Auth plugins can also be enabled for a deeper scan
![Page 18: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/18.jpg)
USE CASE 2 – BRUTE FORCE – CONSOLE INTERFACE
• Once the target is set we can run
the scan
![Page 19: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/19.jpg)
W3AF – Comparison with other tools
•W3AF, Wapiti, Arachni, Websecurify, JSky
![Page 20: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/20.jpg)
W3AF – Comparison with other tools
![Page 21: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/21.jpg)
W3AF – Comparison with other tools
![Page 22: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/22.jpg)
W3AF – Comparison with other tools
• 3/4
![Page 23: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/23.jpg)
W3AF – Comparison with other tools
• Place 5/5
![Page 24: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/24.jpg)
W3AF – Advantages/Disadvantages
• Advantage: very modular and flexible (python plugins are easy to integrate)
• Disadvantage: not mature enough (number of false negatives is still high - 2011)
![Page 25: Penetration testing – W3AF Tool Pinzariu Marian – MISS 2 George Blendea – MISS 2](https://reader038.vdocuments.net/reader038/viewer/2022110207/56649d825503460f94a67714/html5/thumbnails/25.jpg)
Thank you for your time!