Sla.ckers.org
The ha.ckers.org and sla.ckers.org web application security lab house rules and a place for you to introduce yourself if you like. 
New to Web App Hacking
Posted by: kambozza
Date: July 27, 2010 10:04AM

Hello All,

I recently entered the wonderful world of Web App hacking. I already read some books such as the Web Application Hacker's Handbook.

My problem now is that I don't know where to go from here? What is the next step? I think that you guys will be able to point me in the right path to become a professional web app pentester.

Thanks :)

Re: New to Web App Hacking
Posted by: kambozza
Date: July 28, 2010 02:09AM

Just to elaborate, I've also attempted to work on WebGoat but the FIRST lesson was HTTP Splitting and kinda shocked me as a newcomer to web app pentesting. I wish there was a more methodological approach than the one I'm taking (which is trying random things and picking up bits and pieces).

I'm a seasoned programmer and have over 10 years of IT experience, all I need is some guidance into the proper direction and I'll be on my way :)

Re: New to Web App Hacking
Posted by: kambozza
Date: July 30, 2010 11:20AM

Wow 250 views and not a single reply. You guys really love to help don't you :(

Re: New to Web App Hacking
Posted by: HotspotTicket
Date: July 31, 2010 09:55AM

First off that might have been some crawler or search engine...

Second, why don't you just take a look at what was going on in other similar threads here. Check all those tutorials and videos available for people starting.

Third, get yourself a job where you can practice what you've learned.

Fourth, sorry you didn't learn to think for yourself... (SCNR) ;-)

Re: New to Web App Hacking
Posted by: thrill
Date: August 02, 2010 10:35AM

5th - you ever hear of this little conference called DefCon? You know, it's the one where all the people interested in security like to attend.. there's a slight chance a lot of people were there and were not glued to their computers waiting for you to ask a question..

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: New to Web App Hacking
Posted by: dewy_2006
Date: June 15, 2011 06:11AM

Same with me. New to web app sec. My primary area of expertise is Linux administration, authentication & data security with basic programming knowledge. Any good book to start with?

Re: New to Web App Hacking
Posted by: Albino
Date: June 15, 2011 01:32PM

The webapp hackers handbook is pretty good. There are loads of intentionally vulnerable webapps out there, just experiment with those (hell I made one myself but it isn't for beginners). See the list at
http://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning/
And remember you can practise on google/mozilla/facebook/paypal/microsoft if you don't go full disclosure on them.
