• Usually port 80, 443

Also check out the web pentesting chapter of CSbyGB Pentips.

Enumerating HTTP and HTTPS

Default web page

  • We can check the page in the browser and see what we find if we have 80 or 443 open (or both)

  • Default web page = automatic finding. It discloses info about the technology used: web server, version, hostname etc. = Information Disclosure


  • We can also launch nikto: nikto -h

    • It finds possible vulnerabilities

    • Will even do some directory busting


Source code

  • We can select view source in the browser.

  • In there we can check for comments, usernames, passwords, keys etc.
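
A site owner can run the same source and banner review before release to confirm nothing leaks. The script below is an added example, not part of the original notes; the keyword list, the sample page and the sample headers are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Assumed keyword list: words that suggest a comment or inline script leaks something.
SENSITIVE = re.compile(
    r"(?i)(?<![a-z])(username|user|password|passwd|pwd|api[_-]?key|secret|token)(?![a-z])")
# A banner that carries a product version, e.g. "Apache/2.4.41".
VERSIONED = re.compile(r"[A-Za-z][\w.-]*/\d+(\.\d+)+")

class SourceAudit(HTMLParser):
    """Collects sensitive keywords found in HTML comments and inline scripts."""
    def __init__(self):
        super().__init__()
        self.findings = []          # (line, kind, keyword)
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_comment(self, data):
        self._check("comment", data)

    def handle_data(self, data):
        if self._in_script:
            self._check("script", data)

    def _check(self, kind, text):
        start_line = self.getpos()[0]   # line where this comment/script text begins
        for m in SENSITIVE.finditer(text):
            line = start_line + text.count("\n", 0, m.start())
            self.findings.append((line, kind, m.group(0).lower()))

def audit_source(html):
    """Return (line, kind, keyword) tuples for review in the page source."""
    parser = SourceAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

def audit_headers(headers):
    """Return the response headers that disclose a product version."""
    return {k: v for k, v in headers.items()
            if k.lower() in ("server", "x-powered-by") and VERSIONED.search(v)}

# Constructed sample input (not captured from a real host).
SAMPLE_HEADERS = {"Server": "Apache/2.4.41 (Ubuntu)", "Content-Type": "text/html"}
SAMPLE_HTML = ('<html>\n<!-- TODO remove: test login admin / password in wiki -->\n'
               '<body>\n<h1>It works!</h1>\n<script>\n'
               'var api_key = "CONSTRUCTED-EXAMPLE-VALUE";\n</script>\n</body>\n</html>')
```

Each finding is a prompt for manual review: a keyword hit is not proof of a leaked credential, and a clean result does not rule one out.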


  • We can use the repeater to inspect a request, modify it, and analyze the response


Pentesting Web - Hacktricks
