DEV Community

Cover image for Website Penetration Testing
Eng Soon Cheah
Eng Soon Cheah

Posted on • Edited on

20 3

Website Penetration Testing

PREREQUISITE

This just for Education Purpose.

In this article, we will use

  • OWASP-ZAP

OWASP-ZAP is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.

  1. Go to Applications > Web Application Analysis > OWASP-ZAP
    Alt Text

  2. Click "Accept".
    Alt Text

  3. ZAP will start to load.
    Alt Text

  4. Choose "No,I donot want to persist this session at this moment in time" and Click "Start".
    Alt Text

  5. Enter URL of DVWA at "URL to attack" → click "Attack".
    Alt Text

  6. After the scan is completed, on the top left panel you will see all the crawled sites.
    In the left panel "Alerts", you will see all the findings along with the description.
    Alt Text

  7. Click "Spider" and you will see all the links scanned.
    Alt Text

Conclusion
I'm self learner and I'm not certified in any Cyber Security Certification. Try at your own risk. Feel free to comment.

REFERENCE
https://github.com/cheahengsoon/KaliLinuxTools

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Top comments (4)

Collapse
 
shostarsson profile image
Rémi Lavedrine

Good,
But if you just want to spider a website, dirbuster is a much more efficient tool. It lives in your terminal, can be scripted and is brilliantly efficient.
You should give it a try (it is part of Kali Linux). ;-)

Collapse
 
samuleduke profile image
samuleduke

ow, this article on Website Penetration Testing is spot-on! As someone seeking reliable Penetration Testing companies, this info is gold. It's crucial to prioritize cybersecurity in this digital age. Keep up the great work, and thanks for the insights! 🔒💡

Collapse
 
mutasim017 profile image
Mutasim Billah

Nice,please keep it easy and simple. Don't show over complicated things in future and show us a continues process what to do next..

Collapse
 
manishfoodtechs profile image
manish srivastava

Thanks dear

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay