HTTP & HTTPS
Usually port 80, 443
Checkout also the web pentesting chapter of CSbyGB Pentips.
Enumerating HTTP and HTTPS
Default web page
We can go check the page in the browser and see what we find if we have 30 or 443 open (or both)
Default web page = automatic finding. Disclose info about the tecnology used: web server, version, hostname etc. = Information Disclosure
Nikto
We can also launch nikto
nikto -h http://host.com
It finds possible vulnerability
Will even do some directory busting
Dirbuster
Source code
We can select view source in the browser.
In there we can check for comments, usernames, passwords, keys etc.
Burpsuite
We can use the repeater to inspect a request modify it and analyze the response
Resources
Last updated