1. Footprint the Web Infrastructure
1. Web Applications recon using nmap and telnet
2. Web Applications recon using Whatweb
3. Web spidering using ZAP
Launch an automated scan and go to the spidering tab to view pages.
4. Detect Load Balancers using various tools
dig (you get multiple IPs)
lbd
5. Identify webserver directories
nmap
gobuster
dirsearch
6. Vulnerability scanning using Vega
7. Identify Clickjacking using Clickjackpoc
Last updated