Best Pentesting and Web Auditing Tools

It is important to know oneself in order to know the virtues and defects and thus detect the points of improvement. The same thing happens in infrastructures, we must know how they are, that’s why it is so important nowadays to have not only defensive security mechanisms but also to be clear about the importance of offensive security and to have all the fronts covered. And following this trend, we come to web security, where obviously the same thing is happening: we need to know how the (web) yard is in order to provide solutions and lines of defense, as we have seen in Hacker’s Word on numerous occasions.

Pentesting

This time, we must insist on the relevance of all this, and for this purpose there is nothing like the fantastic and complete talk given by Tamara Hueso and Diego Jurado at the PaellaCON* Conference under the surprising title “On the web, don’t get hacked with paella”. 

They came to the event with a desire to eat paella and what they achieved, and in addition to eating they satiated the hunger for knowledge of all those attending by discovering in detail the phases of penting, the importance of web auditing, the tools used in the processes as well as the most common vulnerabilities. They also provided the necessary input: a review of the history of ethical hacking to focus on the importance of ethics when carrying out any intrusion test during a web audit. Without ethics there is no need to do so. No authorization to do pentesting, less so as the law requires it. Here is the pricing of Pen-testing.

Diego Jurado (@djurado9) is a Computer Engineer with a Master’s Degree in Cyber Security and Cyber Warfare (CISDE). Passionate about cyber security, he works as a Security Analyst in the Ethical Hacking & Vulnerability Assessment department at Wise Security Global. Co-creator of the blog ‘Follow The White Rabbit’. Member of the BugHunting and CTFs team (Red4Sec). Winner of the III Young Professional Competition (ISACA Challenge 2016) and speaker at the High Level Conference on Assurance 2016 organized by ISACA.

Tamara Hueso (@tamarahueso) is a Computer Engineer with a Master’s degree in Cyber Security and Cyber Warfare. Senior Security Analyst at Deloitte’s Infrastructure protection and vulnerability Management department. Member of the blog ‘Follow The White Rabbit’, Bitácoras 2016 award for the best IT Security blog. An enthusiast with a desire to change the image of cybersecurity professionals. Hacking in heels.

Ethical hacking, pentesting, web auditing, tool and vulnerability list

The talk given by Tamara and Diego, which is available both on video and podcast, was divided into the five categories shown in the statement, thus offering a review of what they face every day from their position as both system and web security analysts. On this occasion, the presentation focused on the subject of Web security: 

  • Ethical hacking. Brief history and review of major scandals.
  • Pentesting, types and phases that are divided into:
  • Agreement and authorization.
  • Recognition and enumeration.
  • Scanning and analysis of vulnerabilities.
  • Exploitation.
  • Post-exploitation.
  • Documentation
  • Web audit. OWASP and review of the seven principles of securitization based on:
  • Minimize the attack surface.
  • The principle of minimum privilege.
  • The principle of defense in depth.
  • Avoiding security through obscurity.
  • The correct management of errors.
  • Not to trust third party services.
  • Completely fix security flaws.
  • Tools, resources for pentesting: 
  • Tool for scanning ports and services, NMAP.
  • File and directory discovery in web applications through “Fuzzing”, DIRB.
  • Web proxy, the Swiss Army Knife, Burp Suite.
  • Web proxy, another alternative, Zed Attack Proxy (ZAP).
  • TestSSL, Qualys SSLLabs.
  • Scanning for vulnerabilities in web applications, Nikto.
  • Vulnerability scanning program for infrastructure and application, Nessus.
  • Scanning for web vulnerabilities, Acunetix.
  • Automation and exploitation of SQL Injection attacks, SQLMAP
  • Framework for exploiting vulnerabilities, Metasploit.
  • Vulnerabilities, classification and types:
  • Authentication.
  • Authorization.
  • Encryption.
  • Validation.
  • Design.
  • Configuration.
  • Session.
  • Maintenance.

On this occasion I recommend complementing this talk with the one offered by Rafael Otal in the last edition of PaellaCON ‘Web Security, don’t let your website become the flag of Japan’ and the cyber debate on ‘How to improve security in WordPress’. You can also access the playlist with all the available videos from PaellaCON from this link.