How to Approach Web Application Vulnerability Assessment using Burp Community | Part - 2 | Audit Guidelines | High Impact Web Vulnerability

This blog is part 2 of the series on checking web application vulnerabilities with Burp Community Edition. It will be helpful when performing a web application security assessment (VAPT) manually. In this part, we cover a few vulnerabilities with high-impact severity. Refer to the audit guidelines below for these serious vulnerabilities.

IP Spoofing (Bypass Whitelisting)

Audit Guideline

  1. Try to access the application from any network except the whitelisted one.
  2. Capture the base request in Burp Community and send it to Repeater.
  3. Add an X-Forwarded-For header to the request, set to an IP address that has been whitelisted for application access.
  4. Observe that the application responds normally; the whitelisting has been bypassed.

Proof of Concept


Request without X-Forwarded-For Header


Request with X-Forwarded-For Header
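
Why the check above succeeds, and how the server side can close it, shown as an added example that is not part of the original post. The network ranges, function names and the assumption that the reverse proxy appends the connecting peer's address to X-Forwarded-For are all constructed for illustration.

```python
import ipaddress

# Assumed deployment values (constructed for this example).
ALLOWLIST = [ipaddress.ip_network("203.0.113.0/24")]    # whitelisted client range
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]  # our own reverse proxies


def _in(ip, nets):
    return any(ip in net for net in nets)


def naive_client_ip(peer_ip, xff_values):
    """Vulnerable: trusts the left-most X-Forwarded-For entry from any sender."""
    if xff_values:
        return xff_values[0].split(",")[0].strip()
    return peer_ip


def resolved_client_ip(peer_ip, xff_values):
    """Hardened: honour X-Forwarded-For only when the TCP peer is a trusted
    proxy, then walk the chain right to left and return the first hop that
    is not one of our proxies. Anything further left is client-supplied."""
    peer = ipaddress.ip_address(peer_ip)
    if not _in(peer, TRUSTED_PROXIES):
        return str(peer)  # direct connection: the header is untrusted input
    hops = [h.strip() for v in xff_values for h in v.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            return str(peer)  # malformed entry: fall back to the proxy address
        if not _in(ip, TRUSTED_PROXIES):
            return str(ip)
    return str(peer)


def is_allowed(client_ip):
    """Whitelist decision on an already-resolved client address."""
    try:
        return _in(ipaddress.ip_address(client_ip), ALLOWLIST)
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed request: peer outside the whitelist, header claims to be inside.
    peer, xff = "198.51.100.7", ["203.0.113.10"]
    print("naive   :", is_allowed(naive_client_ip(peer, xff)))     # True
    print("hardened:", is_allowed(resolved_client_ip(peer, xff)))  # False
```

If the audit finds the bypass, the fix belongs in whichever layer makes the whitelist decision: that layer has to resolve the client address this way, or the edge proxy has to overwrite the header instead of appending to it.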

Account Takeover via Forgot Password — A Practical Attack Scenario of Host Header Injection

Audit Guideline

  1. Capture the change password request in Burp Community and send it to Repeater.
  2. Add one more Host header with the custom domain as its value and send the request.
  3. Observe that the victim receives the password reset mail containing a link with the custom domain and the token. Once the victim clicks the link, the attacker will get the link in his web logs.

Proof of Concept


Original Reset Password link mail


Modified reset link request


Reset password link mail with attacker provided domain
