How to create Penetration testing lab (OWASP, SQLI-LAB, DVWA) on Kali Linux

As you know guys if we want to learn advance web Application hacking then definitely we require vulnerable web apps to learn & practice therefor Security Professionals created this Penetration testing lab with many Vulnerable web apps. So if you’re learner or beginner in Hacking, then I’ll strongly recommend you to create this lab.

What is Penetration Testing ?  
Penetration testing is a practice of learning hacking skills against Web Applications,   Mostly White hat hackers or IT Security Team create a Penetration lab to practice their hacking tools, tricks and even to prevent hacking. Even beginner hacker also want to learn hacking skills like SQL Injection, XSS, CSRF attack etc, this all hacking tricks require a vulnerable website to Explode the Vulnerability and to learn hacking skills.

1. What is OWASP Penetration Testing Lab ?

OWASP Penetration testing lab in also called as Top 10 Vulnerability Assessment and Practice. Basically it is created for Pen Testers and to learn about Vulnerability and Advanced Web Application Vulnerabilities components.

Download OWASP

2. What is SQLi Lab?

SQLI-LABS is attempt to explain the basics involved in SQL injections.SQLI-LABS is a test bed of various lessons to explain and learn different types of SQL injections.

  • Error Based Sql Injections – Union select type.
  • Error Based Sql Injections – Double Query type.
  • Boolian Based Blind Injections.
  • Time Based Blind Injections.
  • Dumping the DB using outfile / Dumpfile.
  • POST based Sql injections Error based type – union select.
  • POST based Sql injections – Double injection type.
  • POST based Blind injections -Boolian / Time based.
  • Injection in the UPDATE query.
  • Injection in the Headers.Injection in cookies.

3.What is DVWA ? (Damn Vulnerable Web App)

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.


Video tutorial:
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s