# 4. Perform Web Application Hacking using AI

## 1. Perform Web Application Hacking using ShellGPT

Detect WAF

```
sgpt --shell “Check if the target url www.certifiedhacker.com has web application firewall”
```

```
sgpt --shell “Check if the target url https://www.certifiedhacker.com is protected with web application firewall using wafwoof”
```

Detect Load Balancer

```
sgpt --shell "Use load balancing detector on target domain yahoo.com.”
```

Detect Technologies

```
sgpt --chat HWA --shell "Launch whatweb on the target website www.moviescope.com to perform website footprinting. Run a verbose scan and print the output. Save the results in file whatweb_log.txt.”
```

Other prompts

```
sgpt --shell "Use Sn1per tool and scan the target url www.moviescope.com for web vulnerabilities and save result in file scan3.txt”
```

```
sgpt --shell “Scan the web content of target url www.moviescope.com using Dirb”
```

```
sgpt --shell “Scan the web content of target url www.moviescope.com using Gobuster" 
```

```
sgpt --shell "Attempt FTP login on target IP 10.10.1.11 with hydra using usernames and passwords file from /home/attacker/Wordlists"
```

```
sgpt --chat wah --shell “create and run a custom script for web application footprinting and vulnerability scanning. The target url is www.certifiedhacker.com”
```

```
 sgpt --chat wah --shell “create and run a custom python script for web application footprinting and vulnerability scanning. The target url is www.certifiedhacker.com”
```

```
sgpt --chat wah --shell "create and run a custom python script which will run web application footprinting tasks to gather information and then use this information to perform vulnerability scanning on target url is www.certifiedhacker.com” 
```

```
 sgpt --shell “Fuzz the target url www.moviescope.com using Wfuzz tool”
```

{% embed url="<https://www.udemy.com/course/ethical-hacker-practical/?referralCode=289CF01CF51246BCAD6C>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ceh-practical.cavementech.com/module-14.-hacking-web-applications/4.-perform-web-application-hacking-using-ai.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.