PREREQUISITE
Kali Linux Virtual Machine
You can setup Kali Linux VM via Microsoft Azure Marketplace
https://azuremarketplace.microsoft.com/en/marketplace/apps/kali-linux.kali-linux?tab=OverviewSetup Damn Vulnerable Web Application (DVWA) in Kali Linux VM
This just for Education Purpose.
In this article, we will use
- OWASP-ZAP
OWASP-ZAP is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.
Go to Applications > Web Application Analysis > OWASP-ZAP
Click "Accept".
ZAP will start to load.
Choose "No,I donot want to persist this session at this moment in time" and Click "Start".
Enter URL of DVWA at "URL to attack" → click "Attack".
After the scan is completed, on the top left panel you will see all the crawled sites.
In the left panel "Alerts", you will see all the findings along with the description.
Click "Spider" and you will see all the links scanned.
Conclusion
I'm self learner and I'm not certified in any Cyber Security Certification. Try at your own risk. Feel free to comment.
Top comments (4)
Good,
But if you just want to spider a website, dirbuster is a much more efficient tool. It lives in your terminal, can be scripted and is brilliantly efficient.
You should give it a try (it is part of Kali Linux). ;-)
ow, this article on Website Penetration Testing is spot-on! As someone seeking reliable Penetration Testing companies, this info is gold. It's crucial to prioritize cybersecurity in this digital age. Keep up the great work, and thanks for the insights! 🔒💡
Nice,please keep it easy and simple. Don't show over complicated things in future and show us a continues process what to do next..
Thanks dear