Hacking Web Applications

From Enlace Hacktivista
Revision as of 17:38, 11 April 2024 by Booda (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

NOTE: This page is under construction

Web Application Hacking Methodology - Overview

Information Gathering - OSINT

Target Organization

Basic Information
Name
Physical Address
Employee Count
Employee Roles
Target Company TLDs
Company Acquisitions
Social Media Presence
Revenue
Leadership
Job Openings

Organization Employees

Email Addresses
Phone Numbers
Social Media Profiles
Breached Emails
Breached Usernames
Breached Passwords
Curriculum Vitae Discovery

Reconnaissance

Passive

Dorking
DNS Enumeration
Domain Information
Certificate Information
Web Stack Technology Identification
Port Scanning & Service Analysis
Discovering Historical Data
ASN Enumeration

Active

Security Control Identification
Port Scanning & Service Enumeration
Subdomain Enumeration
Web Stack Technology Identification
Walking the Application
Web Crawling
Source Code Analysis - JavaScript

Content Discovery

Subdomain Brute-forcing
Directory Brute-forcing
Parameter Fuzzing
Endpoint Analysis

Vulnerability Scanning

CVE Discovery

Misconfiguration Discovery

Common Vulns

Content Management System & Plugins

Application Analysis

Bypassing Security Controls

Exploit Discovery

APIs

Open Redirects

IDOR

Authentication

File Upload Vulnerabilities

Low Hanging Fruits

S3 Buckets

Subdomain Takeover

Exposed Assets

Injections

Default Credentials

Exposed Secrets

Tools

Tool Description Link
Example Example Example
Example Example Example
Example Example Example