diff options
| author | mo khan <mo@mokhan.ca> | 2016-02-07 09:36:53 -0700 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2016-02-07 09:36:53 -0700 |
| commit | e2f09c61fa14cc803600f616d10a8b135badaed2 (patch) | |
| tree | d476bc1351c600d1c9534c301d7996836d3d363d | |
| parent | 46e4a6812933c0309c8b952585ab25ceb68132b1 (diff) | |
rename files.
| -rw-r--r-- | README.md | 48 | ||||
| -rwxr-xr-x | doc/01-Introduction_FINAL_v2.pdf (renamed from doc/CPNT 230 -Web App _ DB Security -Introduction_FINAL_v2.pdf) | bin | 1450292 -> 1450292 bytes | |||
| -rwxr-xr-x | doc/02-web_security_technologies.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Web Security Technologies_FINAL.pdf) | bin | 3180428 -> 3180428 bytes | |||
| -rwxr-xr-x | doc/03-Web Security Principles_FINAL.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Web Security Principles_FINAL (1).pdf) | bin | 2459039 -> 2459039 bytes | |||
| -rwxr-xr-x | doc/04-Recon_Mapping_FINAL.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Recon_Mapping_FINAL.pdf) | bin | 2551330 -> 2551330 bytes | |||
| -rwxr-xr-x | doc/05-Discovery_FINAL.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Discovery_FINAL.pdf) | bin | 2805962 -> 2805962 bytes | |||
| -rwxr-xr-x | doc/06-Mapping_Discovery_FINAL.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Mapping_Discovery_FINAL.pdf) | bin | 3175791 -> 3175791 bytes | |||
| -rwxr-xr-x | doc/07-Exploitation_SQLi_XXS_FINALv2.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Exploitation_SQLi_XXS_FINALv2.pdf) | bin | 3526499 -> 3526499 bytes | |||
| -rwxr-xr-x | doc/08-Exploitation_Tomcat_MySQL_FINAL.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - Exploitation_Tomcat_MySQL_FINAL.pdf) | bin | 3559910 -> 3559910 bytes | |||
| -rwxr-xr-x | doc/09-The Project.pdf (renamed from doc/CPNT 230 -Web App _ DB Security - The Project.pdf) | bin | 403718 -> 403718 bytes | |||
| -rwxr-xr-x | doc/samples/PROJECT - Penetration-testing-sample-report-byOFFENSIVE-SECURITY.pdf (renamed from doc/PROJECT - Penetration-testing-sample-report-byOFFENSIVE-SECURITY.pdf) | bin | 2101909 -> 2101909 bytes | |||
| -rwxr-xr-x | doc/samples/PROJECT - Writing-pentest-report-bySANS.pdf (renamed from doc/PROJECT - Writing-pentest-report-bySANS.pdf) | bin | 1392663 -> 1392663 bytes |
12 files changed, 48 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..6e3f817 --- /dev/null +++ b/README.md @@ -0,0 +1,48 @@ +# Overview + +* bt5r3-was.sait230.ca + * linux distro with lots of security tools +* nessus.sait230.ca + * nessus and nexpose vulnerability scanners +* samurai.sait230.ca + * web testing framework + * has vulnerable web applications as well as the tools to test them. +* websecdojo.sait230.ca + * has vulnerable web apps as well as tools to test them. + * preconfigured, stand-alone training environment for web app security. +* metasploitable.sait230.ca + * has vulnerable network services and web applications for security testing. +* tomcat-apache.sait230.ca + * tomcat installed, used for recon and file injection. +* bwa.sait230.ca + * variety of applications with known vulnerabilities. +* ultimatelamp.sait230.ca + * LAMP applications + * used for recon, discovery and mapping phases. + +Targets: +* metasploitable +* tomcat-apache +* bwa +* ultimatelamp + +# web security technologies + +Pure web server: serve static content only. + +```ruby + client -> server +``` + +Dynamic web servers: servers that serve both static and active content. +Application servers: + * examples: websphere, bea weblogic, jboss, tomcat +Proxy servers: + * front ends for one or more applications called a reverse proxy. +Http Protocol: + * request response pattern + * port 80 + +HTTP request packets + +GET /login.php http/1.1 diff --git a/doc/CPNT 230 -Web App _ DB Security -Introduction_FINAL_v2.pdf b/doc/01-Introduction_FINAL_v2.pdf Binary files differindex 67056f6..67056f6 100755 --- a/doc/CPNT 230 -Web App _ DB Security -Introduction_FINAL_v2.pdf +++ b/doc/01-Introduction_FINAL_v2.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Web Security Technologies_FINAL.pdf b/doc/02-web_security_technologies.pdf Binary files differindex 2dc67a8..2dc67a8 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Web Security Technologies_FINAL.pdf +++ b/doc/02-web_security_technologies.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Web Security Principles_FINAL (1).pdf b/doc/03-Web Security Principles_FINAL.pdf Binary files differindex 4d7e529..4d7e529 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Web Security Principles_FINAL (1).pdf +++ b/doc/03-Web Security Principles_FINAL.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Recon_Mapping_FINAL.pdf b/doc/04-Recon_Mapping_FINAL.pdf Binary files differindex a176a5d..a176a5d 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Recon_Mapping_FINAL.pdf +++ b/doc/04-Recon_Mapping_FINAL.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Discovery_FINAL.pdf b/doc/05-Discovery_FINAL.pdf Binary files differindex 28a3e44..28a3e44 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Discovery_FINAL.pdf +++ b/doc/05-Discovery_FINAL.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Mapping_Discovery_FINAL.pdf b/doc/06-Mapping_Discovery_FINAL.pdf Binary files differindex 8ef0d92..8ef0d92 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Mapping_Discovery_FINAL.pdf +++ b/doc/06-Mapping_Discovery_FINAL.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Exploitation_SQLi_XXS_FINALv2.pdf b/doc/07-Exploitation_SQLi_XXS_FINALv2.pdf Binary files differindex d41d959..d41d959 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Exploitation_SQLi_XXS_FINALv2.pdf +++ b/doc/07-Exploitation_SQLi_XXS_FINALv2.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - Exploitation_Tomcat_MySQL_FINAL.pdf b/doc/08-Exploitation_Tomcat_MySQL_FINAL.pdf Binary files differindex 35481ce..35481ce 100755 --- a/doc/CPNT 230 -Web App _ DB Security - Exploitation_Tomcat_MySQL_FINAL.pdf +++ b/doc/08-Exploitation_Tomcat_MySQL_FINAL.pdf diff --git a/doc/CPNT 230 -Web App _ DB Security - The Project.pdf b/doc/09-The Project.pdf Binary files differindex c3b1147..c3b1147 100755 --- a/doc/CPNT 230 -Web App _ DB Security - The Project.pdf +++ b/doc/09-The Project.pdf diff --git a/doc/PROJECT - Penetration-testing-sample-report-byOFFENSIVE-SECURITY.pdf b/doc/samples/PROJECT - Penetration-testing-sample-report-byOFFENSIVE-SECURITY.pdf Binary files differindex c0d4505..c0d4505 100755 --- a/doc/PROJECT - Penetration-testing-sample-report-byOFFENSIVE-SECURITY.pdf +++ b/doc/samples/PROJECT - Penetration-testing-sample-report-byOFFENSIVE-SECURITY.pdf diff --git a/doc/PROJECT - Writing-pentest-report-bySANS.pdf b/doc/samples/PROJECT - Writing-pentest-report-bySANS.pdf Binary files differindex 30c98c3..30c98c3 100755 --- a/doc/PROJECT - Writing-pentest-report-bySANS.pdf +++ b/doc/samples/PROJECT - Writing-pentest-report-bySANS.pdf |