Web application security - the fast guide 1.1 | Page 165

Chapter 8 - Attack Tools

Tools main functionalities:

No matter how simple the tools used in hacking or hack-proofing activities are, they are still certainly the most important part in helping to minimize the effort needed to complete the planned tasks. Application hacking and application hack-proofing tools in general cover many types of activities using a diversity of methods and approaches, but we can still summarize those activities as follows:

1. Intercepting: the tool captures an HTTP or HTTPS request, response or both, manipulates it automatically or manually, and resubmits it. This activity is normally achieved using a proxy server that works on a specific port. HTTP requests and responses are easily intercepted using a man-in-the-middle approach, whereas HTTPS communications are intercepted using man in the middle with double SSL connections, where the interceptor plays the role of an SSL server (self-signed certificate) and an SSL client.

2. Spidering: recursively crawling the site, searching its content, navigation structure, functionalities, parameter usage, authentication and session.

3. Fuzzing: the term application fuzzer is used when the tool automates the tasks using different values that are generated randomly or taken from a dictionary or a manually built white list.

4. Scanning: this activity normally focuses on scanning for common application vulnerabilities, usually using two methods:

   a. Passive scanning: this method depends on monitoring different requests and interactions with the application and logging any usage that matches a common vulnerability, like the usage of plain text in an interaction that requires encryption.

   b. Active scanning: in an active scan the tool is normally more involved in generating and sending requests and probing for common vulnerabilities like cross-site scripting and header injection.

5. Analyzing: normally this activity is dedicated to a specific kind of content, because it needs to embed deeper examination capabilities related to the specific subject. An example of analyzing is the session token analyzer provided by Burp Sequencer, which enables statistical tests for the randomness of sample tokens.
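
The passive scanning method from item 4a can be sketched as follows. This is an added example, not code from the guide or from any tool it names. It inspects already-recorded exchanges without sending traffic, and goes one step beyond the page's plain-text case by also checking session cookie flags. The record layout, the `SENSITIVE` name list, the finding labels and the `shop.example` traffic are all assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Parameter names treated as sensitive (assumption made for this example).
SENSITIVE = {"password", "passwd", "pwd", "token", "card"}

# Constructed sample: exchanges as an intercepting proxy might have logged them.
SAMPLE = [
    {"url": "http://shop.example/login",
     "body": "user=alice&password=s3cret",
     "resp_headers": [("Set-Cookie", "SESSIONID=abc123; Path=/")]},
    {"url": "https://shop.example/cart?item=42",
     "body": "",
     "resp_headers": [("Set-Cookie", "SESSIONID=def456; Secure; HttpOnly")]},
    {"url": "https://shop.example/reset?token=9f8e7d",
     "body": "",
     "resp_headers": [("Set-Cookie", "SESSIONID=ghi789; HttpOnly")]},
]

def param_names(encoded):
    """Lower-cased parameter names from a query string or form body."""
    return {name.lower() for name, _ in parse_qsl(encoded)}

def cookie_attrs(set_cookie):
    """Lower-cased attribute names that follow the name=value pair."""
    return {a.strip().split("=")[0].lower() for a in set_cookie.split(";")[1:]}

def passive_scan(exchanges):
    """Inspect recorded traffic only; returns (url, finding) pairs."""
    findings = []
    for ex in exchanges:
        url = urlsplit(ex["url"])
        names = param_names(url.query) | param_names(ex["body"])
        # The page's example: data that needs encryption sent in plain text.
        if url.scheme == "http" and names & SENSITIVE:
            findings.append((ex["url"], "cleartext-sensitive"))
        for header, value in ex["resp_headers"]:
            if header.lower() != "set-cookie":
                continue
            attrs = cookie_attrs(value)
            # Without Secure the browser may send the cookie over plain HTTP.
            if "secure" not in attrs:
                findings.append((ex["url"], "cookie-no-secure"))
            if "httponly" not in attrs:
                findings.append((ex["url"], "cookie-no-httponly"))
    return findings

if __name__ == "__main__":
    for url, finding in passive_scan(SAMPLE):
        print(f"{finding:22} {url}")
```

The HTTPS reset request carries a `token` parameter but is not reported as plain text, because the check only fires when the scheme is `http`.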