1. Footprint the Webserver

1. Information gathering using Ghost Eye

git clone https://github.com/BullsEye0/ghost_eye.git
cd ghost_eye
pip3 install -r requirements.txt

Now launch it:

python3 ghost_eye.py

The tool can perform WHOIS lookups, DNS lookups and similar checks, and can also scan for clickjacking vulnerabilities.

2. Perform Web Reconnaissance using skipfish

3. Footprint Webserver using Httprecon

4. Footprinting using ID serve

5. Footprinting using netcat and Telnet

netcat

nc -vv certifiedhacker.com 443

telnet

telnet certifiedhacker.com 443
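
Reading what a banner grab like the one above returns, and the clickjacking check mentioned for Ghost Eye, both come down to inspecting response headers. This added example (not part of the original notes; the sample response and all function names are constructed for illustration) audits a raw HTTP response for version-disclosing headers and for missing framing restrictions:

```python
# Added example: audit the headers of a raw HTTP response from a banner grab.
# SAMPLE_RESPONSE is constructed for illustration, not captured from a real host.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: Apache/2.4.41 (Ubuntu)\r\n"
    b"X-Powered-By: PHP/7.4.3\r\n"
    b"Content-Security-Policy: default-src 'self'\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html></html>"
)

# Headers that commonly reveal server software and version.
DISCLOSURE_HEADERS = ("server", "x-powered-by", "x-aspnet-version")


def parse_headers(raw):
    """Split a raw response into its status line and a lower-cased header map."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    status, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:  # ignore malformed lines without a colon
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers


def framing_restricted(headers):
    """True if X-Frame-Options or CSP frame-ancestors limits who may frame the page."""
    xfo = [v.upper() for v in headers.get("x-frame-options", [])]
    if any(v in ("DENY", "SAMEORIGIN") for v in xfo):
        return True
    for policy in headers.get("content-security-policy", []):
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == "frame-ancestors":
                # A bare "*" source leaves framing open to any origin.
                if len(parts) > 1 and "*" not in parts[1:]:
                    return True
    return False


def audit(raw):
    """Summarise what the response discloses and whether framing is restricted."""
    status, headers = parse_headers(raw)
    disclosed = {h: headers[h][0] for h in DISCLOSURE_HEADERS if h in headers}
    return {"status": status, "disclosed": disclosed,
            "framing_restricted": framing_restricted(headers)}
```

For the constructed sample, `audit(SAMPLE_RESPONSE)` reports the Server and X-Powered-By values as disclosed and `framing_restricted` as False, because the policy sets no `frame-ancestors` directive and no X-Frame-Options header is present.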

6. Enumeration Webserver using NSE script

nmap -sV --script http-enum certifiedhacker.com

To enumerate hostnames, use the following script:

nmap --script hostmap-bfk --script-args hostmap-bfk.prefix=hostmap- certifiedhacker.com

HTTP TRACE scan

nmap --script http-trace certifiedhacker.com

HTTP WAF (web application firewall) detection

nmap -p 80 --script http-waf-detect certifiedhacker.com

7. Uniscan webserver footprinting
