How Can You Improve Yourself on Web Application Security?
One of the most common questions I get is “How can I improve myself on web application security, what kind of path do I follow?” I thought it appropriate to write a blog based on these questions. As it is known in the field of computers, people develop as they practice a practice-based business. In the field of web application security, it is similar to how much you practice and how many different security issues you know.
I think the first way to start here is to master the OWASP Top 10. I would like to talk about what is OWASP, assuming you have heard it for the first time. OWASP is a free community that works to close security vulnerabilities in web applications and ensure that these applications are securely protected, and this community has the most prominent security vulnerabilities lists published at certain years. While learning about the vulnerabilities here, you should learn how you can be exploited and how you can provide a security solution against it. I liken web security to the branches of a tree. Each main branch can have many sub-branches. For example, there are many different Injection types belonging to the Injection category. Unfortunately, this business is not limited to the OWASP Top 10, it is only the visible side of this mountain.
What are the environments where we can practice web application security?
- Portswigger- Web Security Academy
- Buggy Web Application (BWAPP)
- (DVWA) Vulnerability Web Application
- OWASP Juice Shop
- Hellbound Hackers
- ThisIsLegal
- Game Of Hacks
- Vulnweb — Acunetix
- Invicti Testing Web Site — PHP
What tools can you use in web application security tests?
- Burp Suite :
Every security researcher has a favorite tool; One that is sure to be at the top of many lists is Burp Suite. Burp Suite is a comprehensive platform for web application security testing. It can act as an intermediary capturing traffic from browsers to a web page, allowing you to manipulate and automate changes in web page requests. Burp Suite can also be used for detailed enumeration and analysis of web applications. And you can easily pay the annual license fee of this great tool by making a bug bounty of only 400$.
You can take a look at my article about why you should use burp suite.
2. Postman :
Although not exactly a security tool, this tool is a very useful rest client for testing backend APIs. With this tool, you can perform api security tests. I wanted to include it in the list because it is among the tools I use frequently.
3. Tools You Can Use for Exploration
Discovery is very important in a web application security testing. Especially if you are doing this test as Black Box. You will have to find and explore the attack surface yourself, as no scope will be given to you at all. Here are some tools that I can recommend to you in this regard.
- OWASP Amass
- SubBrute
- Knock
- DNSRecon
- Sublist3r
- Aquatone
- Subfinder
Of course, there are many tools under various categories here, but I have briefly mentioned it here for you to get an idea. I think you can find it by doing a little google.
4. Applications That Make You Take Notes of Your Findings Regularly
I believe that it is very important to regularly write down the findings you find during the test as well as to test the web application. Because the next step after the test is to include these findings in the report. Your teammate who wrote the report should be able to easily understand the notes you have taken and place them in the report. For this reason, I will be talking about a few note-taking practices that I will suggest.
- Keepnote
- CherryTree
- Notion
- SwiftnessX
- Evernote
Which browser plug-ins can be useful for web application security tests?
- Hackbar
- Cookie-Editor
- Hack-Tools
- HTTP Header Live
- Firefox Multi-Account Containers
- Wappalyzer
- Flagfox
- JSONView
- User-Agent Switcher and Manager
- HackBar Quantum
- HackBar V2
- FoxyProxy Standard
- HackTools
- XML Viewer Plus
What are source code security tools?
We use some tools in source code security tests. Examples of these are tools such as Micro Focus Fortify Static Code Analyzer, SonarQube, Checkmarx and Coverity. Unfortunately, these tools are not free tools, they are generally preferred by companies that have a security team and do this job.
With which books can you increase your web application security knowledge?
- The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws
- The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
- Web Application Security: Exploitation and Countermeasures for Modern Web Applications
- Hack, Learn, Earn
- Real-World Bug Hunting: A Field Guide to Web Hacking
- Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities
- ASP.NET Core 5 Secure Coding Cookbook : Practical recipes for tackling vulnerabilities in your ASP.NET web applications
- Developer’s Guide to Web Application Security
Why is bug bounty so important in web application security?
Because every security researcher has a different perspective and a different knowledge base. In this way, systems can be examined under different eyes and specific security vulnerabilities can be found. Therefore, it is of great importance in maintaining web security. You have learned about web security vulnerabilities on the systems you will practice with, I suggest you concentrate your knowledge by doing bug bounty. Thus, you will see many different test environments and try to find security problems by approaching different perspectives. That’s why I think making bug bounty has an important place in improving yourself on web security. This is exactly what the learning life cycle is like. More information means more experimentation and ultimately your findings. In addition, considering the economic situation in our country, earning foreign currency is quite logical. It is possible to do this in your free time on your weekend. I will be writing a more detailed article on this.
What are the bug bounty programs you should sign up for?
- HackerOne
- Bugcrowd
- Open Bug Bounty
- Intigriti
- YesWeHack
- Synack (Special)
- Zerocopter (Special)
- HackenProof ( Crypto Projects )
What are the recommended certifications for web application security?
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Certified Web Application Defender (GWEB)
- elearnSecurity eWPT Certification
- elearnSecurity eWPTXv2 Certification
- Offensive Security Web Expert (OSWE)
- Burp Suite Certified Practitioner
Some advice on how to improve yourself on web application security;
- Do not be afraid to experiment, as the basis of this work is practice-based, it is possible to improve yourself by experimenting.
- What you’re looking for, you’ll find it. Security researchers usually focus on looking for how many security issues or perspectives they get, so constantly learning about new security issues will help you assess and research any issues that may come up.
- While doing these security tests, I can say that I see the benefit of going through the steps in order and regularly. That’s why I pay attention to being regular in taking notes while doing my job.
- Develop software, at least understand the logic. If you don’t know how a software development process works, it can be very difficult to find more advanced security vulnerabilities.
In general, I answered the question of how you can improve yourself in web application security. Take care and see you in my next post.
For more interesting articles
