This can explain weird behaviour during the exploitation of some vulnerabilities.
![burp suite pen tester burp suite pen tester](https://www.pentestgeek.com/wp-content/uploads/2014/07/Burp-Suite-Tutorial-Cover-Image-1.jpg)
The storage backend can be located on the same server as the web server or on a different one. This programming language can also be used as part of a framework like Ruby-on-Rails. The programming language used: PHP, Java, Ruby, Python, ASP, C#.Application servers like Tomcat, Jboss, Oracle Application server.Web servers like Apache, lighttpd, Nginx, IIS.The server side can be divided into more sub-categories: On the server side a lot of technologies can be used and even if all may be vulnerable to any web issue, some issues are more likely to happen for a given technology. However, web applications' clients can also be a thick client connecting to a web service or just a script. through their browsers (Chromium, Firefox, Internet Explorer, Safari.). Most of the client side technologies are used every day by most Internet users: HTML, JavaScript, Flash. All these components can also present vulnerabilities or security issues. The storage backend to retrieve and save information, most commonly a database.Īll these components may have different behaviours that will impact the existence and exploitability of vulnerability.
![burp suite pen tester burp suite pen tester](https://ae01.alicdn.com/kf/HTB1VizxaAP2gK0jSZPxq6ycQpXas.jpg)
An application server can be involved to process the requests in that case the web server will just forward the requests to the application server.
![burp suite pen tester burp suite pen tester](https://blog.ritvn.com/img/posts/burpsuite/image_1.png)
Once you access the web application, you should see the following page: PentesterLab tried to put together the basics of web testing and a summary of the most common vulnerabilities with the LiveCD to test them. This course details all you need to know to start doing web penetration testing.