Wednesday, June 14, 2017

Set up your own Lab for practicing SQL injection and XSS : Ethical Hacking_


I hope you learned about the Sql injection and XSS from BTS.  But you may curious to practice the SQLi and XSS attacks. we know that doing the attack on third-party website is crime.  So how can we do the practice? Here is the solution for you friends. Why shouldn’t set up your own web application ? Yes, you can setup your own Pen Testing lab for practicing the XSS and SQLi vulnerabilities.
When i surf in the internet, i come to know about the  “Damn Vulnerable Web App (DVWA)“.  It is one of web application that used for practicing your Ethical hacking/Pen Testing skills in legal way.
Download this web Application from here:
http://www.dvwa.co.uk/
For Installing the this application, you will need XAMPP server.
The installation procedure :

Using this application , you can also practice:
  • LFI /RFI (File Inclusion methods)
  • Command Execution
  • Upload Script
  • Login Brute Force
if you have any doubts, check their wiki page or comment here.

4 comments:

SQL Injection to WebShell

An SQL Injection attack is not only limited to dumping a database, but can also allow the attacker to upload files to the remote server an...