ISC2 Members New Benefits

As an ISC2 member you get to have access to their new training launches as one of your benefits.

I recently got an email about ISC2 Skill builder. I consumed the ICS Convergence module in about 2 hours (while working). And is now taking the “Web Application Penetration Testing” module.

While the below are not required and I am already quite familiar with Web App and its related praxis, I still opted to install and do the exercise nonetheless. it is more exciting that way!

Required Software

Along with direction instruction and demonstrations, this course offers the opportunity for you to complete various exercises before viewing the solutions. If you would like to follow along, use these directions to download and install both Burp Suite and our target application, bWAPP. Installation is not required for completion of the course.

• Oracle VirtualBox 5.x or later OR VMWare Player/Workstation 12.5.x or later
• OWASP Broken Web Apps
• Burp Suite Free or Community edition — 1.7.x (Not 2.0 beta!)
• Firefox Browser — any version
• FoxyProxy FF plugin
• Java (if necessary) — 1.8 or later

I have been using VMWare Workstation 15.5 PRO below is a snippet of my home lab

I have been testing Kali Purple (2023) the past few months, and most of the tools I have been using are not installed by default. One of which is Burpsuite.

The power of sudo apt update && apt upgrade -y

• sudo apt update: This part of the command uses the apt tool with the update option. It updates the local package index, which is a database of available software packages and their versions. This step ensures that your system is aware of the latest package versions available in the software repositories.
• &&: The double ampersand (&&) is a logical operator that means "and." It allows you to execute multiple commands sequentially, with the condition that each command succeeds (returns a zero exit status) before the next one is executed. In this case, it ensures that the next part of the command, the upgrade step, only runs if the update step completes successfully.
• apt upgrade -y: This part of the command uses the apt tool with the upgrade option and the -y flag. The upgrade option is used to install the latest versions of all installed packages on your system. The -y flag automatically answers "yes" to any prompts or confirmation messages that may arise during the upgrade process, making it suitable for automated or unattended upgrades.

Most often than not, any issues installing in linux are resolved by reading the error/s listed. in this case, there are dependencies — software/libraries needed prior to install a software. thats why its a good practice to read through the results. Here those are librync2 and libssh-4. So what i did is do apt install -f both of these.

And, voila! Easy-peasy.

On to learning and enjoy learning from ISC2 Web Application Penetration Testing!