[ Certified Ethical Hacker v10 ] :: [ Module 10 ] :: Web Servers and Applications

This entry is part 12 of 21 in the series [ Certified Ethical Hacker Training ]

Tools

whatweb <target ip> -v # for a single target

whatweb -v 192.168.0.1/24 # for a subnet
ua-tester -u www.schoolforhackers.com -d M D
uniscan-gui  # opens a GUI

Nikto:

Wikto: a website vulnerability tool:
http://sectools.org/tool/wikto/

Burp Suite

“Getting Started with Burp Proxy”:
https://support.portswigger.net/customer/en/portal/articles/1783118-Proxy_Getting%20Started.html

“Brute Force a Website Login Page with Burp Suite”:
https://www.youtube.com/watch?v=25cazx5D_vw

“Brute force attack (form, ssh, ftp) using burp suite and hydra”:
https://www.youtube.com/watch?v=y3Oh54BUN0U

“Brute Force Router Password using BurpSuite”:
https://www.youtube.com/watch?v=gSVM65_pLfA

Netcraft

Brutus

THC-Hydra

OWASP Guide

Nessus / OpenVAS

WinSSLMiM

POODLE (obsolete)

Vulnerabilities to Exploit

Hidden fields

Buffer overflow

DoS

Banner grabbing:

telnet schoolforhackers.com 80

Attack Targets

Input validation

XSS

Unvalidated redirects and forwards

Insecure login systems (see Brutus)

Scripting errors

Session management

CAPTCHA

AntiCaptcha plugin (Chrome, Firefox)

CAPTCHA Be Gone (?)

Rumola (Firefox, Chrome, Safari)

Directory traversal

 

 

Series Navigation<< [ Certified Ethical Hacker v10 ] :: [ Module 9 ] :: Session Hijacking[ Certified Ethical Hacker v10 ] :: [ Module 11 ] :: SQL Injection >>

Leave a Reply