Sunday, April 13, 2014

5 Ways to Check Website Security Without any TOOL




"This is not the 80s, no one says 'hack' any more"

There are various tools available for web testing, but you can also check website security without any third-party tool.


Here's what I do for web penetration testing of my own website. 



Go to site
www.example.com


1. Search Directory Listing
Type www.example.com/test


"test" is my favorite word. I wanted to check the security of a website & test is the word that popped into my mind, so I typed 'test' instead of /login.php & I was looking at the directory structure of the website.
It took me 2 minutes to locate a password.txt file which was never intended to be viewed by anyone from the website.




2. XSS
Look for search boxes in the website
type

  


Hit search. If the website throws an alert box, the input is being run as script, and an advanced XSS script could be used to get the user's cookie.



3. Code

Most of the time web developers make mistakes in code. You can look for GET and POST methods. You can even fetch the name of the database, which is important. You can check loops and then try to override that logic by other methods like SQL injection.
Firebug is an excellent add-on for checking programming flaws in a website or web app.

4. SQL injection


This is the most notorious thing to do with websites. For it you need knowledge of website scripting and of how a complete website is built. If you are good at web development and SQL then you are good to go.


Start by injecting an error into the website URL:
www.example.com/login.php'
(note the ' sign)


Look for an error that reveals the server name, version & other details, sometimes even a piece of code.

Also look for any input box in the website. You can use a search box, username & password box, anything that accepts input from the user. Put test' OR 1=1. You will get logged in with admin privileges because admin is usually the 1st record of the database. For more, Google with the keyword "sql injection basics" or something similar.
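To see what these two checks look like from the server side, here is an added example (not part of the original post) that runs the lone-quote probe and the login-box string against a constructed SQLite login. The table, the function names and the error message format are assumptions made for the illustration. The concatenated query hands the input to the SQL parser and echoes the error, while the parameterized one treats it as plain data and returns one generic message.

```python
import sqlite3

# Inputs taken from the post: the lone quote probe and the login-box string.
PROBES = ["'", "test' OR 1=1"]

def make_db():
    """Constructed sample data; admin is the first record, as in the post."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    db.executemany("INSERT INTO users (name, password) VALUES (?, ?)",
                   [("admin", "admin-pw"), ("alice", "alice-pw")])
    return db

def login_concat(db, name, password):
    """Weak: input is pasted into the SQL text and DB errors go to the user."""
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Echoing the error and the statement is the disclosure to look for.
        return {"user": None, "message": "SQL error: %s in %s" % (exc, sql)}
    return {"user": row[0] if row else None, "message": "ok" if row else "login failed"}

def login_param(db, name, password):
    """Hardened: placeholders keep input as data; failures get one generic message."""
    try:
        row = db.execute("SELECT name FROM users WHERE name = ? AND password = ?",
                         (name, password)).fetchone()
    except sqlite3.Error:
        row = None  # log server-side in real code; never echo to the client
    return {"user": row[0] if row else None, "message": "ok" if row else "login failed"}

def audit(login):
    """Run each probe as the username and report what the caller would see."""
    db = make_db()
    findings = {}
    for probe in PROBES:
        result = login(db, probe, "x")
        findings[probe] = {
            "leaks_sql": "SQL error" in result["message"] or "SELECT" in result["message"],
            "logged_in_as": result["user"],
        }
    return findings

if __name__ == "__main__":
    for fn in (login_concat, login_param):
        print(fn.__name__, audit(fn))
```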


5. XML injection
Today I read news that a major flaw was found in Google servers involving XML injection. Till now I thought it's not as powerful as SQL injection. But you can actually add a new record (probably an admin user) directly in the database using XML.
To perform XML injection, locate a sign-up form and enter a single quote ' or double quote " just like with SQL injection. If the input is not sanitized, it will throw an XML exception. Taking this further, we can even inject a tag into the XML & make it invalid.
Make sure you read up on the concept of "tag injection".


There are various tools available on the internet for even more fun. Try these:

Caja
Keyczar
Native Client (NaCl)
Ratproxy
Skipfish
DOM Snitch
Gruyere
Havij (for advanced SQL injection)


Make sure you use these tools responsibly. If you want to try them out, set up a test server and try them ONLY on your personal website.

Feel free to contact me if you need any help or want to share anything new.