Module 9 (Web Application Attacks)
Web Application Enumeration
Programming Languages and Frameworks
PHP - ASP.NET - JSP - Python - Java and more
Wappalyzer - inspecting URLs - whatweb - Error
Web Server Software
Apache - Nginx - IIS
Wappalyzer - whatweb - Error
Database Software
MySQL - MariaDB - MongoDB - Oracle - SQL Server
Wappalyzer - Error
Server OS
Linux - Windows
Wappalyzer - NSE (Nmap Script Engine)
Web Application Assessment Tools
Fuzz Directories
dirb - gobuster - dirsearch - ffuf - wfuzz
Wfuzz
Fuzzing Dir
wfuzz -c -z file,/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --hc 404,302,301 http://192.168.2.5/bWAPP/FUZZ

Fuzzing Files
.bak, .php, .zip, .xml, .json, etc.
wfuzz -c -z file,/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --hc 404,302,301 http://192.168.2.5/bWAPP/FUZZ.php

DirBuster

Fuzzing Parameters In URLs
wfuzz -z range,0-10 --hl 97 http://testphp.vulnweb.com/listproducts.php?cat=FUZZ
Fuzzing Cookies
wfuzz -z file,wordlist/general/common.txt -b cookie=value1 -b cookie2=value2 http://testphp.vulnweb.com/FUZZ
Fuzzing POST Requests
wfuzz -z file,wordlist/others/common_pass.txt -d "uname=FUZZ&pass=FUZZ" --hc 302 http://testphp.vulnweb.com/userinfo.php
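
Seen from the server side, the `--hc 404,302,301` filter in the commands above only hides those responses in the tool's output; every request is still written to the access log. The following is an added example, not part of the original notes: it flags clients whose log footprint matches wordlist fuzzing. The log lines, IP addresses, thresholds and function name are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in Apache/Nginx "combined" log format (not captured traffic).
def _line(ip, path, status):
    return f'{ip} - - [10/Oct/2023:13:55:36 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "-"'

SAMPLE_LOG = (
    [_line("203.0.113.7", f"/bWAPP/word{i}", 404) for i in range(40)]
    + [_line("203.0.113.7", "/bWAPP/admin", 301), _line("203.0.113.7", "/bWAPP/images", 200)]
    + [_line("198.51.100.4", p, 200) for p in ("/bWAPP/login.php", "/bWAPP/portal.php")]
    + [_line("198.51.100.4", "/favicon.ico", 404)]
)

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def find_fuzzing_clients(lines, min_requests=20, min_404_ratio=0.8):
    """Return {ip: stats} for clients whose traffic looks like wordlist fuzzing.

    Heuristic (assumed thresholds): many requests, almost all to distinct
    paths, and a high share of 404 responses.
    """
    paths = defaultdict(set)      # distinct paths requested per client
    total = defaultdict(int)      # all requests per client
    not_found = defaultdict(int)  # 404 responses per client
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing
        ip, _method, path, status = m.groups()
        total[ip] += 1
        paths[ip].add(path.split("?", 1)[0])  # ignore query strings
        if status == "404":
            not_found[ip] += 1
    flagged = {}
    for ip, n in total.items():
        ratio = not_found[ip] / n
        if n >= min_requests and len(paths[ip]) >= min_requests and ratio >= min_404_ratio:
            flagged[ip] = {"requests": n, "distinct_paths": len(paths[ip]),
                           "ratio_404": round(ratio, 2)}
    return flagged

if __name__ == "__main__":
    for ip, stats in find_fuzzing_clients(SAMPLE_LOG).items():
        print(ip, stats)
```

In production the counts would be kept per time window and the thresholds tuned to the site's normal 404 rate.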
Test Vulnerabilities
Nikto - Nessus - Acunetix - Netsparker - Burp and ZAP proxy
OWASP Top Ten

A01:2021-Broken Access Control
A02:2021-Cryptographic Failures
A03:2021-Injection
A04:2021-Insecure Design
A05:2021-Security Misconfiguration
A06:2021-Vulnerable and Outdated Components
A07:2021-Identification and Authentication Failures
A08:2021-Software and Data Integrity Failures
A09:2021-Security Logging and Monitoring Failures
A10:2021-Server-Side Request Forgery