
Cybersecurity Demystify Step-by-Step Guide to Installing Owasp Zap in Linux

Step-by-Step Guide to Installing Owasp Zap in Linux

How to install OWASP ZAP in Linux

What is OWASP ZAP?

OWASP ZAP, which stands for OWASP Zed Attack Proxy, is a popular open-source web application security testing tool developed by the Open Web Application Security Project (OWASP). It is designed to help developers, security professionals, and organizations identify and mitigate security vulnerabilities in web applications.

The following are the features and functions of OWASP ZAP for web application security testing:
- Proxy Functionality:
- Automated Scanning:
- Manual Testing:
- Reporting and Analysis:
- Extensibility:
- Community Support:

We are installing OWASP ZAP in Kali Linux. Before installing OWASP ZAP, let's update our Linux system to make sure that we have the latest security patches and packages. Type sudo apt-get update, or copy and paste the command below into your terminal, and press Enter. Provide your sudo password.

Now that our system is up to date, let's install OWASP ZAP. Type sudo apt install zaproxy and press Enter.

The installation completed successfully. Type zaproxy and press Enter to launch OWASP ZAP from the command line. You should see something similar to the screenshot below. OWASP ZAP is ready to be used for your security testing.

Conclusion

OWASP ZAP is a versatile and powerful web application security testing tool that enables users to identify and mitigate security vulnerabilities in web applications effectively. Whether performing automated scanning, manual testing, or a combination of both, ZAP empowers users to enhance the security posture of their web applications and protect against cyber threats.


Install Burp Suite in Kali Linux

Install Burp Suite in Kali Linux: Easy Step-by-Step Guide

What is Burp Suite?

Burp Suite is a hands-on web security testing tool by PortSwigger for web application penetration testing. It allows you to explore and exploit web application vulnerabilities. There is a paid and a free version of Burp Suite. We are going to download and install the free Community Edition of Burp Suite in Kali Linux.

Click here to download the Community Edition of Burp Suite. Choose Burp Suite Community Edition and select Linux (x64) as the operating system. Click the DOWNLOAD button.

Click Home on your Kali Linux desktop > Downloads > right-click the Burp Suite installer and click Open Terminal Here. Type ls and press Enter to list the directory. Notice that it shows the Burp Suite download.

Note: Your command may be slightly different from mine depending on the version of Burp Suite you downloaded. Copy the command below and edit it to match your Burp Suite version. The ls command shows you this information, as in the screenshot.

Next, type chmod +x burpsuite_community_linux_v2024_2_1_5.sh and press Enter to add the execute (x) permission to the file.

Now we are ready to install Burp Suite on Kali Linux. Type sudo ./burpsuite_community_linux_v2024_2_1_5.sh and press Enter. The installer appears. Click the Next button. Select the destination directory and click the Next button. Select the directory for symlinks and click the Next button. Wait for the installation to complete. The installation completed successfully. Click the Finish button.

Next Step

Click here to learn and practice exploiting the OWASP Top 10 vulnerabilities as a penetration tester/ethical hacker using Burp Suite and OWASP Juice Shop.


How to Install Owasp Juice Shop in Kali Linux: Easy Step-by-step Guide

What is OWASP Juice Shop?

OWASP Juice Shop is a deliberately insecure application built for educational and training purposes by the Open Web Application Security Project (OWASP). It serves as a playground and educational tool for developers, security professionals, and students to learn about common web application security vulnerabilities and how to mitigate them. OWASP Juice Shop provides an environment simulating a modern web application with various security vulnerabilities commonly found in real-world applications. It allows users to interact with a variety of security vulnerabilities, such as Broken Access Control, Cryptographic Failures, Injection flaws, Insecure Design, Security Misconfiguration, Vulnerable and Outdated Components, Identification and Authentication Failures, Software and Data Integrity Failures, Security Logging and Monitoring Failures, Server-Side Request Forgery, and more. Each vulnerability is accompanied by a description, allowing users to understand the underlying concepts and implications.

Dependency

OWASP Juice Shop depends on Node.js version 18. First, we are going to install the dependency.

How to install Node.js in Kali Linux

To install Node.js version 18 in Kali Linux, log in to your Kali Linux machine and open your terminal. With root permission (sudo), you need to install the curl utility on your Kali Linux machine: in the terminal, type sudo apt install curl. You can click on the code below to copy and paste it into your terminal.

Next, we are going to install Node.js version 18. To install Node.js, type the following command or copy the command below. Verify the successful installation of Node.js on your system by typing node --version and pressing Enter.

Now we are ready to install OWASP Juice Shop on our Kali Linux machine. Type sudo apt install juice-shop and press Enter. Once OWASP Juice Shop is installed successfully, type sudo juice-shop -h and press Enter. This gives you the OWASP Juice Shop web IP address and port number. You can click the URL to open OWASP Juice Shop in Firefox, or copy and paste the link into Firefox and press Enter.

Conclusion

OWASP Juice Shop is a valuable resource for anyone looking to enhance their understanding of web application security. By providing a safe and interactive environment for learning and experimentation, Juice Shop empowers users to develop the skills and knowledge necessary to build more secure web applications and protect against cyber threats.

References
Juice Shop - Kali
OWASP Juice Shop

Next Step

Click here to learn and practice exploiting the OWASP Top 10 vulnerabilities as a penetration tester/ethical hacker using OWASP Juice Shop.


PCI DSS Policy Sample and Editable Template 1

Click Here to Download the Editable Template

Policy Title: PCI DSS Compliance and Cybersecurity Policy
Effective Date: [Insert Date]
Policy Owner: [Insert Name/Title]
Review Date: [Insert Date]

This policy aims to define and implement procedures for compliance with the Payment Card Industry Data Security Standard (PCI DSS) Version 4.0, to ensure the protection of payment card data, and to maintain the highest level of security for cardholder information.

This policy applies to all employees, contractors, and third-party service providers of [Company Name] who handle or have access to payment card data or to systems that process, store, or transmit such data. It covers all of the organization's relevant systems, networks, and physical locations.

[Company Name] is dedicated to adhering to the PCI DSS Version 4.0 requirements to protect cardholder data from unauthorized access and breaches. This policy outlines the necessary controls and practices to achieve and maintain PCI DSS compliance.

1. Build and Maintain a Secure Network and Systems:
2. Protect Cardholder Data:
3. Maintain a Vulnerability Management Program:
4. Implement Strong Access Control Measures:
5. Monitor and Test Networks:
6. Maintain an Information Security Policy:

Reference
Payment Card Industry Data Security Standard Requirements and Testing Procedures, Version 4.0


Step-by-step guide on launching a Non-Domain Authenticated scan in Qualys virtual appliance.

Authenticated scanning involves providing credentials (such as usernames and passwords) to the scanning tool, allowing it to log in to the target systems or devices as an authorized user. This enables the scanning tool to access and collect detailed information about the target's configuration, installed software, patches, and other system attributes that may not be accessible through non-authenticated scanning methods.

Qualys authentication allows the scanning tool to gather comprehensive information about the target systems, including a detailed software inventory, configuration settings, and patch status. By authenticating to target systems, Qualys can perform deeper vulnerability assessments and identify misconfigurations, missing patches, and potential security weaknesses that may be overlooked in non-authenticated scans.

Authenticated scanning offers several benefits, including:
- More accurate and comprehensive vulnerability assessment results.
- Better detection of security issues related to system configuration and patch management.
- Reduced false positives and more reliable risk prioritization.
- Enhanced compliance auditing capabilities, particularly for regulatory requirements that mandate comprehensive asset inventory and configuration management.

Note: This lab has prerequisites from the previous labs. I will link them below.

Prerequisites

We need to create an Option Profile for the authenticated scan. Click the Scans tab > Option Profiles > New > Option Profile. Name your new Option Profile. Click Scan. For this example we are leaving everything else as default except Authentication, as this is a basic authenticated scan. We are using the Windows Domain Authentication created in the previous lab. See how to create Windows Domain Authentication here. Click here to learn how to set up Unix Authentication (Linux) in Qualys. Check the box next to Windows under Authentication and click the Save button.

Note: Before you launch the scan, ensure your target host IP address(es) are in the same range as the IP address of your virtual appliance. Turn the firewall off on your target host. For this example, my target host is Windows 10 and Windows Defender is turned off. See how to turn Windows Defender off here.

Next, we are going to create a new scan. To create a new scan in Qualys, click the Scans tab > Scans > New > Scan. Give your new scan a title, select the Option Profile you created, leave the Processing Priority at 0, and choose the Virtual Scanner Appliance you created. Choose your target host. You can choose an Asset Group; see how to create an Asset Group here. For this example, I am scanning a specific IP address of a Windows 10 virtual machine I made vulnerable. Type your target IP address(es) in the IPv4 Addresses/Ranges field. Click the Launch button. See how to make a vulnerable machine here.

The scan completed successfully. You should see something similar to the screenshot below. Click the blue View Results link to review the scan result.

Next, let's review the scan result. Click here for How to Analyze Qualys Scan Results.


Guide for Configuring Windows Non-Domain (Local) Scanning Authentication Account in Qualys VMDR

What is Non-Domain (Local) Scanning?

Non-Domain (Local) scanning is when authenticated scans are performed on local systems that are not joined to a domain.

In your Qualys VMDR account, click the drop-down arrow at the top left and select VMDR.

First, we will create an Option Profile for Non-Domain (Local) scanning. Click the Scans tab > Option Profiles > click the New button > Option Profile. Click Option Profile Title and give your Option Profile a title. Leave everything else as default and click the Save button.

Next, let's create a new authentication record. Click the Scans tab > Authentication. Click the New button > Operating Systems > Windows. Click Record Title on the left and give your authentication record a title. Click Login Credentials > Local and enter the username and password, using the login credentials of your target machine. The default authentication protocol is NTLMv2; leave the authentication protocols as default. Click IPs on the left, as shown in the screenshot below, and enter your IP address(es) or IP address range. Click Comments, type your comment (optional), and click the Save button. To check your newly created Windows authentication record, click the Scans tab > Authentication.

Now, we will log in to our target machine and perform the following steps according to the Qualys documentation.

How to enable file sharing in Windows 10

Click the network icon at the lower right of your screen. Click Network & Internet settings, highlighted in blue. Click Network and Sharing Center. Click the Change advanced sharing settings link on the left. Under Guest or Public (current profile), turn on network discovery and turn on file and printer sharing, as shown below, and click the Save changes button. Ensure these settings are correct. For All Networks, turn off Public folder sharing and turn on Password protected sharing.

Next, we are going to turn the Windows firewall off.

How to turn Windows Defender Firewall off

In the search box, type Control Panel, then click Control Panel. To easily locate Windows Defender Firewall, change "View by" at the top right to Small icons. Click Windows Defender Firewall > Turn Windows Defender Firewall on or off. Check the radio button next to Turn off Windows Defender Firewall (not recommended) under Domain network settings, under Private network settings, and under Public network settings. Then click the OK button to save the changes. Windows Defender Firewall is now turned off; your screen should look similar to the screenshot below. Click here to learn about Windows Defender.

Let's enable the Remote Registry service.

How to enable the Remote Registry service in Windows 10

In the search box, type Services and click Services. Look for Remote Registry and right-click it. Click Properties and change Startup type from Manual to Automatic so that it starts automatically at reboot. Click Apply and click OK.

Finally, let's configure User Account Control (UAC). We need to disable User Account Control (UAC).

How to disable User Account Control (UAC) in Windows 10

Log in to your Windows 10 machine as an administrator. In the search box, type Control Panel and click Control Panel. Change "View by" to Small icons at the top right for easy access. Click User Accounts. Click Change User Account Control settings. Move the slider down to Never notify and click OK. Click Yes on the User Account Control prompt. Restart the machine for the changes to take effect.

How to change Remote UAC settings

Launch Registry Editor by typing run in the search box, as shown below. In the Open field, type regedit.exe and click the OK button to open it. You may need to run it in administrator mode to perform this action.

In the next lab, we will use the newly created Windows Non-Domain authentication record to perform an authenticated scan on a target host. Click here for the next lab.

References
https://cdn2.qualys.com/docs/qualys-authenticated-scanning-windows.pdf


How to uninstall VirtualBox Extension Pack for VirtualBox 7.0.14

Open VirtualBox. In VirtualBox Manager, click the File tab > Tools > Extension Pack Manager. Right-click Oracle VM VirtualBox Extension Pack and click Uninstall. Click Remove, and click Yes on the "Do you want to allow this app to make changes to your device?" screen that appears. The VirtualBox Extension Pack was successfully uninstalled. Click here to learn how to reinstall it if needed.


VirtualBox and VirtualBox Extension Pack Installation Guide

Click here to download VirtualBox and the VirtualBox Extension Pack. Once downloaded, locate the VirtualBox installer on your system and double-click it to start the installation process. You get a prompt asking if you want the application to make changes to your system; click Yes. Click the Next button. Select the features you want installed. For this example, I am selecting the VirtualBox Application as shown below. Click the Next button. Click Yes. Click Yes. Click the Install button and wait for the installation to complete. The installation completed successfully; click Finish.

Next, we are going to install the VirtualBox Extension Pack. The VirtualBox Extension Pack extends the functionality of Oracle VM VirtualBox; it helps with display resolutions, USB support, and so on. To install it, locate the downloaded VirtualBox Extension Pack installer on your system and double-click it to start the installation process. Click the Install button. Click the I Agree button to accept the licensing agreement. Click Yes on the "Do you want to allow this app to make changes to your device?" screen that appears. The installation was successful, and the Extension Pack should appear in VirtualBox Manager as shown below.


How to install Metasploitable3 on Windows using Vagrant (VirtualBox)

What is Metasploitable3?

Metasploitable3 by Rapid7 is a virtual machine that is intentionally built to contain many security weaknesses and misconfigurations, serving as a valuable tool for cybersecurity education and training. This allows us to use it as a target for practicing hacking and penetration testing in a controlled and safe environment. Now that you understand what Metasploitable3 is, let's proceed with the installation.

In this lab, we are going to install Metasploitable3 using Vagrant on the Windows operating system. Click here to download VirtualBox and the VirtualBox Extension Pack. Once downloaded, install VirtualBox and the VirtualBox Extension Pack on your Windows OS. The essence of this lab is for you to have a safe and controlled lab environment where you can practice ethical hacking and penetration testing.

Important! Please do not scan systems that do not belong to you or that you do not have legal permission to scan.

Click here to download Vagrant. Scroll down to Windows and download the 32-bit or 64-bit version based on your Windows operating system. For this example, I am using a 64-bit Windows version. Vagrant requires you to reboot your system after installation; ensure you reboot your system when prompted.

Once rebooted, open your Windows Command Prompt. Using the following commands, install the vagrant-reload and vagrant-vbguest plugins:

vagrant plugin install vagrant-reload
vagrant plugin install vagrant-vbguest

Type the command vagrant box add rapid7/metasploitable3-win2k8 and press Enter to add the Metasploitable3 Windows Server 2008 version to your system using Vagrant. Choose option 1 to use VirtualBox. Vagrant will download the Windows version of Metasploitable3 from its online repository to your system.

Open Windows Explorer and locate the downloaded box at C:\Users\username\.vagrant.d\boxes. Change the name of the folder from rapid7-VAGRANTSLASH-metasploitable3-win2k8 to metasploitable3-win2k8.

Change your working directory to the location of the folder where Metasploitable3 was downloaded: in your Windows Command Prompt, type cd .vagrant.d\boxes. Next, type vagrant init metasploitable3-win2k8 and press Enter to start the initialization process.

Tips: If you receive the error "Vagrantfile already exists in this directory. Remove it before running vagrant init.", run the command vagrant init rapid7/metasploitable3-win2k8 --force to override the existing Vagrantfile. The general form is vagrant init {BOX_NAME} --force.

Type vagrant up and press Enter. Upon successful completion of the setup process, the Windows version of Metasploitable3 will be available in your VirtualBox Manager. In VirtualBox Manager, rename your new Metasploitable3 virtual machine for easy identification. The default username is vagrant and the password is vagrant. Click here to learn more about Metasploitable3's security vulnerabilities.

Next, let's configure the networking so that Metasploitable3 can communicate with your attacking machine. In VirtualBox Manager, navigate to Settings > Network > Adapter 1 > Attached to, select Host-Only Adapter, and click the OK button. Then configure Network Adapter 2 for Metasploitable3: Settings > Network > Adapter 2 > Attached to, select Host-Only Adapter, and click the OK button.

Start your machines and log in. The default credentials for Metasploitable3 are Username: vagrant and Password: vagrant. Now you have a new Windows Server 2008 vulnerable machine that you can scan as a target for your ethical hacking practice. Open the Command Prompt, type ipconfig, and press Enter to find its IP address.

Click here to learn how to set up an ethical hacking lab. Click here to learn how to perform vulnerability scanning using Nmap, scanning our newly created Metasploitable3 VM as the target.


Step by Step guide on installing Metasploitable3 on Windows using Vagrant (VMware Workstation)

Metasploitable3 Installation on Windows using Vagrant (VMware Workstation)

What is Metasploitable3?

Metasploitable3 by Rapid7 is a virtual machine that is intentionally built to contain many security weaknesses and misconfigurations, serving as a valuable tool for cybersecurity education and training. This allows us to use it as a target for practicing hacking and penetration testing in a controlled and safe environment. Now that you understand what Metasploitable3 is, let's proceed with the installation.

In this lab, we are going to install the Metasploitable3 VM in VMware Workstation using Vagrant on the Windows operating system. The essence of this lab is for you to have a safe and controlled lab environment where you can practice hacking and penetration testing.

Important! Please do not scan systems that do not belong to you or that you do not have legal permission to scan.

Click here to download Vagrant. Scroll down to Windows and download the 32-bit or 64-bit version based on your Windows operating system. For this example, I am using a 64-bit Windows version. Vagrant requires you to reboot your system after installation; ensure you reboot your system when prompted.

Once rebooted, open your Windows Command Prompt. Using the following commands, install the vagrant-reload and vagrant-vbguest plugins:

vagrant plugin install vagrant-reload
vagrant plugin install vagrant-vbguest

Type the command vagrant box add rapid7/metasploitable3-win2k8 and press Enter to add the Metasploitable3 Windows Server 2008 version to your system using Vagrant. Choose option 3 to use VMware Workstation. Vagrant will download the Windows version of Metasploitable3 from its online repository to your system.

Open Windows Explorer and locate the downloaded box at C:\Users\username\.vagrant.d\boxes. Change the name of the folder from rapid7-VAGRANTSLASH-metasploitable3-win2k8 to metasploitable3-winsvr2008.

Change your working directory to the location of the folder where Metasploitable3 was downloaded: in your Windows Command Prompt, type cd .vagrant.d\boxes. Next, type vagrant init metasploitable3-winsvr2008 and press Enter to start the initialization process.

Tips: If you receive the error "Vagrantfile already exists in this directory. Remove it before running vagrant init.", run the command vagrant init metasploitable3-winsvr2008 --force to override the existing Vagrantfile. The general form is vagrant init {BOX_NAME} --force.

Type vagrant up and press Enter. Upon successful completion of the setup process, import the Windows version of Metasploitable3 into your VMware Workstation. Rename your new Metasploitable3 virtual machine for easy identification. The default username is vagrant and the password is vagrant. Click here to learn more about Metasploitable3's security vulnerabilities.

The Metasploitable3 installation was successful, and you can now log in to your new Windows Server 2008 vulnerable machine with the default Username: vagrant and Password: vagrant. Open the command prompt.
