eCPPTv2-PTP-Notes

5.1.6 Web App Proxies

Web Application Proxies

Web applications often consist of various components such as scripts, images, style sheets, and client- and server-side logic. Tools that help examine and analyze web application behavior are crucial.

An intercepting proxy is a tool enabling the analysis and modification of any request or response exchanged between an HTTP client and a server. This allows a penetration tester to study a web application's behavior and manually test for vulnerabilities.
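
How an intercepting proxy sits between client and server, as an added Python example that is not part of the original notes or of Burp Suite: a plain-HTTP proxy on loopback that edits each request through a hypothetical `modify_request` hook and records the exchange in `HISTORY`. The `Origin` server, the `X-Intercepted` header and the URL are constructed for the demo.

```python
import http.client, threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import urlsplit

HISTORY = []  # (method, url, status) for each proxied exchange

def modify_request(method, url, headers):
    """Hypothetical interception hook: edit the request before forwarding."""
    headers["X-Intercepted"] = "1"  # constructed marker header
    return method, url, headers

class Quiet(BaseHTTPRequestHandler):
    def log_message(self, *args): pass  # suppress per-request console logging
    def reply(self, status, body):
        self.send_response(status)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

class Origin(Quiet):  # constructed stand-in for the web server
    def do_GET(self):
        self.reply(200, ("marker=" + self.headers.get("X-Intercepted", "none")).encode())

class InterceptingProxy(Quiet):
    def do_GET(self):  # a proxy-configured client sends the absolute URL here
        method, url, headers = modify_request(self.command, self.path, dict(self.headers))
        target = urlsplit(url)
        path = (target.path or "/") + ("?" + target.query if target.query else "")
        upstream = http.client.HTTPConnection(target.hostname, target.port or 80, timeout=5)
        upstream.request(method, path, headers=headers)
        response = upstream.getresponse()
        body = response.read()
        upstream.close()
        HISTORY.append((method, url, response.status))  # logged before relaying
        self.reply(response.status, body)

def start(handler):  # serve on a free loopback port in a background thread
    server = ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def demo():
    origin, proxy = start(Origin), start(InterceptingProxy)
    url = "http://127.0.0.1:%d/login?user=test" % origin.server_port
    client = http.client.HTTPConnection("127.0.0.1", proxy.server_port, timeout=5)
    client.request("GET", url)  # what a browser sends once a proxy is configured
    body = client.getresponse().read().decode()
    client.close(); origin.shutdown(); proxy.shutdown()
    return body, HISTORY[-1]
```

The origin server sees the header the proxy injected, which the client never sent, and the exchange is recorded whether or not anything was modified.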

Burp Suite

One of the most commonly used intercepting proxies is Burp Suite, available for download in the Free Edition or included in Kali Linux. Key features include:

  • Intercepting requests and responses between the browser and the web server.

  • Manual request construction, allowing for detailed control.

  • Website crawling, automatically visiting every page to analyze.

  • Fuzz testing, sending patterns of valid and invalid inputs to test behavior.

To use Burp Suite:

  1. Configure the proxy settings in the Options sub-tab under the Proxy tab.

  2. Set up your browser to use Burp as a proxy for all protocols.

  3. Enable interception in Burp, allowing modification of requests before they are sent.

Burp Proxy can intercept and modify requests manually, either by altering the header and body of a message or through automatic processes. The tool provides various configuration options for fine-tuning message interception.

Additionally, Burp Suite includes a Repeater feature for manually building raw HTTP requests. This allows syntax highlighting, raw and rendered response viewing, and integration with other Burp tools.

Steps for Burp Repeater:

  1. Set the target by clicking the pencil icon in the upper right corner.

  2. Define the target host and port.

  3. Create the request using the text area, ensuring it includes at least an HTTP verb (GET, POST), a HOST header, and two empty lines after the headers.

  4. Click the Go button to send the request to the server, and view the response in the Response panel.
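
What the Repeater steps amount to on the wire, as an added Python example (not from the original notes and not Burp's code): `normalise` checks for the verb and Host header and terminates the header block, and `send_raw` writes the resulting bytes to a TCP socket. The `Target` server and the `target.example` host name are constructed for the demo.

```python
import socket, threading
from http.server import BaseHTTPRequestHandler, HTTPServer

VERBS = {"GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "PATCH"}

def normalise(raw_text):
    """Validate editor text and return the bytes to put on the wire."""
    head, _, body = raw_text.replace("\r\n", "\n").partition("\n\n")
    lines = head.strip("\n").split("\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] not in VERBS:
        raise ValueError("request line must be: VERB target HTTP/x.y")
    names = [line.split(":", 1)[0].strip().lower() for line in lines[1:]]
    if "host" not in names:
        raise ValueError("missing Host header")
    # On the wire, lines end in CRLF and an empty line closes the headers.
    return ("\r\n".join(lines) + "\r\n\r\n" + body).encode("latin-1")

def send_raw(host, port, raw_text):
    """Send the request over a plain TCP socket; return the raw response."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(normalise(raw_text))
        chunks = []
        while (data := sock.recv(4096)):  # read until the server closes
            chunks.append(data)
    return b"".join(chunks)

class Target(BaseHTTPRequestHandler):  # constructed local test server
    def do_GET(self):
        body = b"hello from " + self.headers["Host"].encode()
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args): pass  # keep the console quiet

def demo():
    server = HTTPServer(("127.0.0.1", 0), Target)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    raw = "GET /index.html HTTP/1.1\nHost: target.example\nConnection: close\n\n"
    response = send_raw("127.0.0.1", server.server_port, raw)
    server.shutdown()
    return response
```

The Host header is independent of the socket's destination: the request goes to 127.0.0.1 while the server reads `target.example`, which is why Repeater asks for the target host and port separately from the request text.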

Remember, Burp Proxy can collect information on HTTP traffic even with interception turned off, viewable in the History tab or the Site Map tab.

Web application proxies, particularly intercepting proxies like Burp Suite, are essential tools for analyzing and testing web applications. They provide insights into application behavior, enable vulnerability testing, and offer features for manual request construction and modification.

These tools should not be confused with common web proxy servers like Squid, which serve different purposes such as bandwidth optimization and content filtering.

Scanning & Enum Tools

There are other tools that help us find information about a web app:


  • Directory Enumeration - Gobuster - a tool used to brute-force URIs including directories and files as well as DNS subdomains. https://www.kali.org/tools/gobuster/

  • Directory Enumeration - BurpSuite - an integrated platform for performing security testing of web applications. https://portswigger.net/burp https://www.kali.org/tools/burpsuite/ https://tryhackme.com/room/burpsuitebasics

  • Scanning WebApp - ZAProxy - OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. https://www.zaproxy.org/docs/

  • Scanning WebApp - Nikto - a pluggable web server and CGI scanner written in Perl, using rfp's LibWhisker to perform fast security or informational checks. https://www.kali.org/tools/nikto/

    # Kali Linux Install
    sudo apt update && sudo apt install -y nikto