re: If you were tasked to conduct a security audit on a server/database-backed web app, where would you start?

re: I don't think a tutorial will be valuable. it's just a Linux distro with pentesting tools. The best way is to start with a general security book li...

Agreed. There are Kali-specific tutors out there, but the distro is more about the endless toolkit.

There are - separately - a trillion tutors on the tools, where they coincidentally use Kali. Those are the better start.

Pentest has soooo many angles, the tooling and concepts are the jump-off point, not the distro.

I think that's what intrigues me so much. My career is builder/creator. I make a thing that does a thing, and that's fun. ... ... ...but I'm not geared for "include an ampersand and this specific text in your ajax call, or create your avatar in this specific way if the server is running on this specific version of blank, then do this and this and this, and now you have admin privileges."

Young me had no idea how important it was to hide the powered-by response header.

CSS hacks blow me away! Just a little tiny bit of user control, and a bad actor can slip in a background-image that points to a remote gif that triggers a script-kiddie rig that does who-knows-what 🤯

I think that every hack out there is the subversion of normal input. You're not creating a new entity, you're just inserting something not expected which can trigger an abnormal response from an existing one.
I'm also a creator and the only things that were ever interesting for me in pen testing were reverse engineering and programming rootkits. Both because you have to set yourself to learning mode. It's like exploring those portions of the map where it's marked "Here be dragons".
