Web Security Projects
A deep dive into my work on HTTP analysis, WAF behavior, and web application vulnerabilities.
WAF Fingerprinting & Behaviour Analysis
Lab-based WAF fingerprinting using WAFW00F, observing response differences across request types to understand how WAFs classify traffic.
Tools Used:
What I Learned:
Learned to identify WAF presence and basic behavior by sending different types of HTTP requests and observing responses. This helps in understanding how a WAF might block or allow traffic.
Connection to Web Security Research:
This is foundational for WAF signature research, as you first need to identify the WAF and its baseline behavior before analyzing its detection logic.
Web Server Enumeration & HTTP Analysis
Analyzing HTTP headers, status codes, and content types through request manipulation, directory discovery, and mapping server behaviour.
Tools Used:
What I Learned:
Practiced analyzing HTTP headers and status codes to map out a web server's configuration and potential vulnerabilities. Understood the importance of the Host header and request methods.
Connection to Web Security Research:
Deep analysis of HTTP communication is critical for writing effective WAF rules that can distinguish between legitimate and malicious traffic patterns.
XODA File Upload Exploitation (Lab)
A controlled lab exercise on file upload exploitation, tracking request structures and detection patterns to identify indicators for signature logic.
Tools Used:
What I Learned:
Explored how file upload vulnerabilities can be exploited in a lab environment. Focused on manipulating Content-Type headers and file extensions to bypass simple filters.
Connection to Web Security Research:
Understanding attack vectors like unrestricted file uploads helps in designing WAF signatures that can detect and block such attempts at the HTTP level.
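The Content-Type and file-extension manipulation described above is caught by comparing the three things an upload says about itself: its filename, its declared Content-Type, and its leading bytes. The following Python is an added example, not code from the lab or from any WAF product; the names ALLOWED, EXECUTABLE and inspect_upload, the allowlist contents and the sample uploads are all assumptions constructed for illustration.

```python
import os

# Assumed allowlist: final extension -> (expected Content-Type, leading magic bytes)
ALLOWED = {
    ".png": ("image/png", b"\x89PNG\r\n\x1a\n"),
    ".jpg": ("image/jpeg", b"\xff\xd8\xff"),
    ".gif": ("image/gif", b"GIF8"),
    ".pdf": ("application/pdf", b"%PDF-"),
}
# Assumed set of server-executable extensions; flagged anywhere in the filename.
EXECUTABLE = {".php", ".phtml", ".phar", ".jsp", ".asp", ".aspx", ".cgi"}

def inspect_upload(filename, content_type, body):
    """Return findings for one multipart file part; an empty list means it passes."""
    findings = []
    if "\x00" in filename:
        findings.append("null-byte-in-filename")
    # Normalise: drop any path, cut at a null byte, ignore trailing dots/spaces.
    name = os.path.basename(filename.replace("\\", "/")).split("\x00")[0]
    name = name.lower().rstrip(". ")
    exts = ["." + part for part in name.split(".")[1:]]
    if any(e in EXECUTABLE for e in exts):  # catches avatar.php.jpg as well
        findings.append("executable-extension")
    final_ext = exts[-1] if exts else ""
    if final_ext not in ALLOWED:
        findings.append("extension-not-allowed")
        return findings
    expected_type, magic = ALLOWED[final_ext]
    declared = content_type.split(";")[0].strip().lower()
    if declared != expected_type:  # header disagrees with the extension
        findings.append("content-type-mismatch")
    if not body.startswith(magic):  # content disagrees with the extension
        findings.append("magic-bytes-mismatch")
    return findings

# Constructed sample uploads: (filename, declared Content-Type, first bytes of body)
SAMPLES = [
    ("photo.png", "image/png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 8),
    ("report.php", "image/png", b"plain text"),
    ("avatar.php.jpg", "image/jpeg", b"\xff\xd8\xff\xe0"),
    ("scan.pdf", "image/png", b"%PDF-1.7"),
    ("logo.gif", "image/gif", b"plain text"),
]

if __name__ == "__main__":
    for fname, ctype, data in SAMPLES:
        print(f"{fname!r:20} {inspect_upload(fname, ctype, data) or 'pass'}")
```

A filter that checks only one of these three signals is the kind of simple filter the lab bypassed; requiring all of them to agree is what removes that gap.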
Subdomain Enumeration using Sublist3r
Passive reconnaissance to identify company subdomains. Demonstrates attack surface expansion for web assessments.
Tools Used:
What I Learned:
Gained experience in passive reconnaissance to expand the attack surface of a web application. Understood how public data sources can reveal hidden subdomains.
Connection to Web Security Research:
Before analyzing WAF behavior, it's crucial to have a complete map of the web infrastructure, as different subdomains might have different security configurations.
Exploiting WebDAV using Metasploit
WebDAV misconfiguration exploitation to gain remote access. Explains scanning, module selection, and session handling.
Tools Used:
What I Learned:
Practiced exploiting misconfigured WebDAV services to upload files and gain remote access. This involved understanding WebDAV-specific HTTP methods like PUT and DELETE.
Connection to Web Security Research:
This project highlights the need for WAFs to have specific rules for less common, but potentially dangerous, HTTP methods that are often abused by attackers.