Ethical Hacking 101
In today's digital landscape, software security is paramount. To safeguard applications from cyber attacks, developers must embrace Ethical Hacking—an innovative approach that empowers them to uncover vulnerabilities and strengthen security measures.
Ethical Hacking involves adopting the mindset of malicious hackers to identify weaknesses and fortify defences against unauthorised access, data breaches, and other threats. By integrating this practice into the coding process, developers gain valuable insights, proactively mitigating risks and creating more robust and secure software systems.
I took a basic lesson from Snyk about Ethical Hacking, which helps me consider security measures in coding.
Process
- Plan & Prepare (Reconnaissance phase)
- Scan & Enumerate
- Exploit
- Analyse & Report
- Communicate & Collaborate
- Continuous Education & Professional Development
Tools
- Nmap: network scanner
- Burp Suite: security testing of web applications
- Metasploit: penetration tests
- Wireshark: packet analyser
- Maltego: intelligence and forensics, graphical link analysis for real-time data mining.
- Snyk: scan, prioritize, and fix security vulnerabilities of codes
- John the Ripper: password cracking tool
- Wappalyzer: Find out what websites are built with
- Kali linux: for digital forensics and penetration testing
Best Practices
- Obtain permissions before conducting any testing
- Follow all relevant laws and regulations
- Do not use tools or techniques that could cause damage or disruption
- Use a risk-based approach
- Document your findings and provide a report to the owner
XSS (Cross-Site Scripting)
Cross-Site Scripting attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.
Example: Try to fill in
[Totally Safe Link]
(javascript:document;cookieStore.g et('super_secret_cookie'8#41;.then((e&#
41; =>
{document.getElementsByClassName('v-text-field _slot'8#41;
[1].childNodes[1].value='${e.namel = $
{e.value}
*;document.getElementsByClassName('v
-text-field slot'8#41;
[1].childNodes [1].dispatchEvent(new
Event ('input')8#41;;document.getEl ementsByClassName'v-text-field _slot'8#41;
[1].nextElementSibling.childNodes[0].clic k(8#41;}8#41;
Then conduct Prototype Pollution, says caused by lodash. See detail at https://github.com/Kirill89/prototype-pollution-explained/blob/master/README.md
Path Traversal
A path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the web root folder.
Vulnerability Disclosure Program & Bug Bounty
- Hackerone
- Bugcrowd
- Intigriti
- Promote responsible disclosure and incentivizing bug hunting
- Identify and address security weaknesses before they can be exploited by malicious actors
- Improve the overall security of software and systems
- Include scope and objectives, methodology, findings and vulnerabilities, risk assessment and severity ratings, and recommendations for mitigation
- Consider honesty, accuracy, confidentiality. and respect for 3rd-party agreement
Resources
- https://owasp.org/
- https://owasp.org/www-project-juice-shop/
- https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
- https://bugcrowd.com/agilebits
- https://tryhackme.com/
- https://www.hackthebox.com/
- https://www.devseccon.com/
- https://github.com/snyk-workshops/EH-Patch-Todo-App
- https://learn.snyk.io/
- https://snyk.io/blog/
- https://snyk.io/ethical-hacking-resources/
- https://twitter.com/snyksec
- https://www.youtube.com/snyksec
- https://docs.snyk.io/snyk-cli/install-the-snyk-cli
- https://snyk.io/platform/ide-plugins
- https://snyk-chat-goof.snykchallenge.io/
- https://snyk.io/advisor/
- https://security.snyk.io/vuln/SNYK-JS-SIMPLEMARKDOWN-173788
Comments