Web Application Information Gathering

1 Conduct Google/Shodan/Censys Discovery and Reconnaissance for Information Leakage
2 Fingerprint Web Server
3 Review Webserver Metafiles for Information Leakage, robots.txt
4 Enumerate Applications on Webserver
5 Review Webpage Comments and Metadata for Information Leakage
6 Identify application entry points
7 Map execution paths through application
8 Fingerprint Web Application Framework
9 Fingerprint Web Application
10 Map Application Architecture
11 Find subdomains
12 Find IP Address for domain
13 Identify WAF
14 Find Real IP address for domain, if applicable

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s