PenterepMail

What you can try out

With PenterepMail you can try out hundreds of different attacks in practice. Available to you are vulnerable technologies deployed on the server and vulnerable web applications that allow attacks against users and attacks against the server, and you can also exploit vulnerabilities in the Android mobile application.

Vulnerable technologies

  • OS
  • SSH
  • FTP
  • POP3
  • IMAP
  • SMTP
  • HTTP
  • SSL
  • MySQL
  • Adminer
  • phpMyAdmin
  • Apache
  • Nginx
  • Lighttpd
  • Webmin
  • VNC
  • Samba
  • Sendmail

Mobile application vulnerabilities

  • Data storage
  • Communications
  • Data providers
  • Authorization
  • Authentication
  • Activities
  • Broadcasts
  • Intents
  • API

Web attacks against users

  • Form and Parameter Manipulation
    • Hidden Fields Modification
    • Parameters Tampering
    • Insufficient Input Data Validation
  • Authentication
    • User Enumeration
    • Horizontal Guessing
    • Vertical Guessing
    • Form Based Authentication
    • HTTP-Basic Authentication
    • Post & Back Attack
    • Authentication Bypass via Cookie Value
  • Authorization
    • Insufficient Authorization
    • Forced Browsing
    • Authorization Bypass via Cookie Value
  • Session Management
    • Session Stealing
    • Session Fixation
    • Session Donation
    • Session Prediction
    • Session Token in URL
    • Cross-Subdomain Cooking
    • Insufficient logout
    • Insufficient Session Expiration
    • SessionID Cookie Name Fingerprinting
    • Missing HttpOnly Cookie Attribute
    • Missing Secure Cookie Attribute
    • Cross-Site Tracing
    • Reflected HTTP Header Value
  • Cross-Site Request Forgery (CSRF)
  • Clickjacking
  • Path Relative StyleSheet Import (PRSSI)
  • JavaScript Hijacking
  • Open Redirect
  • HTTP Parameter Pollution
  • HTTP Response Splitting (CRLF injection)
  • HTTP Response Smuggling
  • Sensitive Data in Browser Cache
  • Sensitive Data in Cookie
  • Sensitive Data in Local Storage
  • Cache poisoning
  • Cross-Site Scripting (XSS)
    • Stored XSS
      • via Showing text
      • via Tag Attribute
      • via File Content
      • via File Name
      • via JavaScript Wrapper
      • via Data Wrapper
      • via Missing Content-Type
      • via Missing Charset
    • Reflected XSS
      • via Showing text
      • via Tag Attribute
      • via URL address
      • via Referer Header
      • via User-Agent Header
      • via Host Header
      • via X-Forwarded-For Header
      • via JSON
      • via XML Parser
      • via Flash Banner
    • DOM-Based XSS
      • via Form Input
      • via URL address
    • Blind Stored XSS
    • Cross-Site Messaging (XSM)
  • User DoS
  • Cookie injection
  • Cross domain data hijacking
  • Reflected File Download
  • CSV injection
  • Cross-Site WebSockets
  • WebSockets Manipulating

Web attacks against the server

  • Missing Authorization
  • Insufficient Authorization
  • Technology Fingerprinting
    • HTTP Response Header
    • Banner Grabbing
    • Default cookie naming
  • Server Misconfiguration
    • Admin Interface Availability
    • Default Credentials
  • SQL Injection
    • Union-Based SQL injection
    • Boolean-Based SQL injection
    • Time-Based SQL injection
    • Error-Based SQL injection
    • DNS Exfiltration
    • Local File Disclosure via SQL injection
    • Remote Code Execution via SQL injection
    • Charset Mixing
    • SQL injection via Binary Hash
    • Stacked SQL injection
    • Stored / Second-order SQL injection
    • Multibyte SQL injection
    • Command execute via SQL injection
  • SQL Truncation
  • LDAP injection
  • XPATH injection
  • SOAP injection
  • XML injection
  • Host Header Injection
  • Code Injection
  • Command Injection
  • Full Path Disclosure
  • Local File Disclosure
  • Local File Inclusion
  • Remote File Inclusion
  • SSI Injection
  • CGI Injection
  • PHP Object Injection (unserialize)
  • Function Injection
  • XML External Entity
    • Denial of Service (XXE)
    • Local File Disclosure via XXE
    • Remote Code Execution via XXE
  • SSL vulnerabilities
    • HeartBleed
    • Poodle
    • Beast
  • Captcha cracking
  • HTTP Verb Tampering
  • Redirect Data Leak
  • User enumeration
  • Stored phpinfo
  • Backup files
  • GIT, SVN repository
  • Apache multiviews files enumeration
  • Directory Listing
  • Local Session Poisoning
  • Session Values Injection
  • Server-Side Request Forgery (SSRF)
  • Unauthorized Direct Access
  • ShellShock
  • Unsecured Upload
  • Unsecured Download
  • Using Components with Known Vulnerabilities
    • phpMyAdmin
    • PHPMailer
    • Adminer
    • Mpdf
    • Simple PHP Captcha
    • ...

... and many more ...