1. Footprint the Web Infrastructure

Web infrastructure footprinting helps you to identify vulnerable web applications, understand how they connect with peers and the technologies they use, and find vulnerabilities.

1. Web Applications recon using Nmap and telnet

sudo nmap -vv -A -T4 certifiedhacker.com  //aggressive scan

telnet certifiedhacker.com 80

2. Web Applications recon using Whatweb

whatweb -v certifiedhacker.com  //verbose information

3. Web spidering using ZAP

Launch an automated scan and go to the spidering tab to view pages.

4. Detect Load Balancers using various tools

dig (you get multiple IPs)

lbd

5. Identify webserver directories

Nmap

nmap -sV --script http-enum certifiedhacker.com

gobuster

gobuster dir -u certifiedhacker.com -w /usr/share/worlists/WORDLIST

dirsearch

dirsearch | Kali Linux ToolsKali Linux

6. Vulnerability scanning using Vega

Vega Vulnerability Scannersubgraph.com

7. Identify Clickjacking using Clickjackpoc

GitHub - Raiders0786/ClickjackPoc: Seamlessly Detect and Construct Exploit POCs for ClickJacking Vulnerability using this Automated toolGitHub

python3 clickJackPoc.py -f domains.txt \\save domain in a file

8. Perform Web Application Vulnerability Scanning using SmartScanner

Smart Web Vulnerability ScannerTheSmartScanner

Exam Prep & Training for CEH Practical (Unofficial Course)Udemy

PreviousModule 14. Hacking Web Applications Next2. Perform Web applications Attacks

Last updated 9 months ago

Was this helpful?