Pen testing a Cent OS

Viewing 3 reply threads
  • Author
    • #8704

      Hello All,
      I am new to hacking. I am curious to know how a server for a web application is pen tested as in what are the steps and how to go about do the code review . It will be great if some one can shed some light on that. Any lead will be really appreciated.

    • #53830

      These will give you a general idea of the overall penetration testing process:

      In terms of the web application, OWASP has a section for code review, along with a ton of other resources for attacks, safeguards, tools, etc.:

    • #53831

      Hello Dynamik
      Thanks a lot for those links. They are highly resourceful.

      But I have one more question. If a web application server resides in a third party infrastructure , how can one hack it? Any input will be useful.


    • #53832

      Are you referring to a hosted app server, rather than a dedicated webserver, or what do you mean, specifically, by ‘resides in a third party infrastructure’ ?

      Regardless of where it resides, if you have access to it, the testing / hacking methodologies are the same, except that there may be additional permissions you need to secure, to test the server, if it’s owned by a third party. (Heck, they might not allow you to test it, but…) You might encounter web application firewalls, or have to avoid shared configurations, etc, so as not to breach ethics by hitting someone else’s site / applications.

      But if permissions are obtained from ALL parties, the general testing is the same.

      Now, if you mean it’s an internal webserver, and is not accessible to the outside, then you either need a way to access it (aka, by pwning a client machine or other box you CAN reach, that in some way, shape or form can access it), or physically get access to it.

      If I’m missing your idea, please feel free to elaborate.

Viewing 3 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?