Web

Tools

  1. BurpSuite

  2. OWASP ZAP

  3. W3af

    Web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.

  4. Arachni

  5. Wfuzz

  6. Cyberchef.io

  7. sqlmap

  8. Dirsearch/dirb

    Alternatives: ffuf, feroxbuster

  9. commix

  10. XSSer

  11. Raccoon

Common Attacks

  1. SQL Injection
  2. Cross-Site Scripting (XSS)
  3. Directory Traversal
  4. Cross-Site Request Forgery (CSRF)
  5. Command Injection
  6. Server-Side Request Forgery (SSRF)

Practice Platforms

  1. DVWA - Damn Vulnerable Web App
  2. OWASP Juice Shop
  3. OWASP crAPI (Completely ridiculous API)
  4. HackTheBox - Web Challenges

Walkthrough

  1. /api/modbus requests in Burp have base64 data in raw.

  2. "the length points towards a block cipher, next step is to look at the wasm to find a key to decrypt comms"

  3. "That's a disassembly of the wasm right? Could you look at the raw wasm and search for strings?" > "securepassword"

    The 32-byte messages look like they're encrypted. If you look more into the wasm, you can also find that it uses AES libraries.
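
The two checks from steps 2 and 3, as an added example that is not part of the original notes: test whether a base64 body decodes to a whole number of cipher blocks, and list printable strings in a wasm module's data section, which is where a hardcoded key would show up when auditing a build. The function names and both sample inputs are constructed for illustration.

```python
import base64
import re

def read_uleb128(buf, pos):
    """Decode an unsigned LEB128 integer; return (value, next_pos)."""
    value = shift = 0
    while True:
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
        shift += 7

def wasm_sections(module):
    """Yield (section_id, payload) for each section of a wasm binary."""
    if module[:8] != b"\x00asm\x01\x00\x00\x00":
        raise ValueError("not a wasm version 1 binary")
    pos = 8
    while pos < len(module):
        section_id = module[pos]
        size, pos = read_uleb128(module, pos + 1)
        if pos + size > len(module):
            raise ValueError("truncated section")
        yield section_id, module[pos:pos + size]
        pos += size

def data_section_strings(module, min_len=6):
    """Printable ASCII runs inside data sections (id 11), where constants live."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    found = []
    for section_id, payload in wasm_sections(module):
        if section_id == 11:
            found += [m.decode() for m in re.findall(pattern, payload)]
    return found

def block_sizes(b64_body):
    """Return (decoded length, block sizes that divide it); 16 matches AES."""
    raw = base64.b64decode(b64_body, validate=True)
    return len(raw), [n for n in (8, 16) if raw and len(raw) % n == 0]

# Constructed samples: a 32-byte body, and a minimal module consisting of a
# memory section plus one data segment holding the string from step 3.
SAMPLE_BODY = base64.b64encode(bytes(range(32))).decode()
SAMPLE_WASM = (b"\x00asm\x01\x00\x00\x00" b"\x05\x03\x01\x00\x01"
               b"\x0b\x14\x01\x00\x41\x00\x0b\x0e" b"securepassword")

if __name__ == "__main__":
    print(block_sizes(SAMPLE_BODY))
    print(data_section_strings(SAMPLE_WASM))
```

A length divisible by 16 is only a hint; the AES library references in the wasm are what confirm the cipher.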