Intercepting and manipulating traffic is a fundamental technique in web application penetration testing. This approach is used to discover vulnerabilities, analyze data flows, test how applications respond to unusual or malicious inputs, and more.
Frameworks
- OWASP ZAP [Link]
- The Zed Attack Proxy (ZAP) claims to be the world’s most widely used web app scanner.
- It is part of the family of resources that OWASP created, so it is free and open source.
- Burp Suite [Link]
- Arguably the most popular among all in this list. In the Community Edition, most of the features are available for free, but the throttling in the Intruder sometimes makes the experience very frustrating.
- Unfortunately, since version 2, the CE no longer offers the Spider feature. But there are many other tools that can perform that function.
- Caido [Link]
- It has a graphical and a command-line version. The equivalent function to Burp’s Intruder does not throttle!
- There is also a CLI version that allows automation.
- MITMProxy [Link]
- It is a free and open-source interactive HTTP/HTTPS proxy. It terminates SSL/TLS connections and uses a self-signed certificate for the client.
- This app can be used from the CLI or through a web UI accessed in a browser.
- For skilled developers, it offers programmable APIs for full control of the proxy, data transformation, and much more.
Extensions
- FoxyProxy [Link]
- For ease of setting up, enabling, and disabling a proxy that intercepts traffic for analysis and manipulation, this tool is indispensable.
- ProxyChains [Link]
- A CLI app that encapsulates the execution of the client web application and forces its traffic to go through a desired proxy or a chain of proxies.
Assessments
- OpenVAS Scanner [Link]
- It can be easily installed on Kali or in a Docker container.
- The OpenVAS Scanner is now part of the Greenbone Community Edition.
- Tenable Nessus Essentials [Link]
- A great vulnerability scanner, free for non-commercial usage but with limitations.
- NMAP Vuln Scripts [Link]
- With the usage of scripts, NMAP can assess applications for known vulnerabilities programmatically.
Vulnerable Apps and Labs