HTTP & HTTPS

  • Usually port 80, 443

Also check out the web pentesting chapter of CSbyGB Pentips.

Enumerating HTTP and HTTPS

Default web page

  • If port 80 or 443 is open (or both), we can check the page in the browser and see what we find

  • Default web page = automatic finding. It discloses information about the technology used: web server, version, hostname, etc. = Information Disclosure

Nikto

  • We can also launch nikto: nikto -h http://host.com

    • It finds possible vulnerabilities

    • Will even do some directory busting

Dirbuster

Source code

  • We can select view source in the browser.

  • In there we can check for comments, usernames, passwords, keys etc.
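
A defender-side version of the source review described above, as an added example that is not part of the original notes: it scans a page you own for comments and inline scripts that contain credential- or key-like strings before the page ships. The patterns, the names SourceAuditor and audit_html, and the sample page are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
# Illustrative patterns (assumptions, not an exhaustive rule set).
PATTERNS = {
    "credential": re.compile(r"(?i)\b(user(name)?|login|pass(word|wd)?|pwd)\b\s*[:=]\s*\S+"),
    "key_or_token": re.compile(r"(?i)\b(api[_-]?key|secret|token)\b\s*[:=]\s*\S+"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}

class SourceAuditor(HTMLParser):
    """Collects HTML comments and inline <script> bodies with their start line."""
    def __init__(self):
        super().__init__()
        self.chunks = []  # (start_line, kind, text)
        self._in_script = False
    def handle_starttag(self, tag, attrs):
        self._in_script = tag == "script"
    def handle_endtag(self, tag):
        self._in_script = False  # inside a script body only </script> is seen as an end tag
    def handle_comment(self, data):
        self.chunks.append((self.getpos()[0], "comment", data))
    def handle_data(self, data):
        if self._in_script and data.strip():
            self.chunks.append((self.getpos()[0], "script", data))

def audit_html(html):
    """Return (line, kind, label, snippet) for every pattern hit in the page source."""
    parser = SourceAuditor()
    parser.feed(html)
    parser.close()
    findings = []
    for start, kind, text in parser.chunks:
        for label, rx in PATTERNS.items():
            for m in rx.finditer(text):
                line = start + text.count("\n", 0, m.start())
                findings.append((line, kind, label, m.group(0).strip()))
    return findings

# Constructed sample page; every value in it is made up.
SAMPLE = """<html><head><title>Staging portal</title>
<!-- TODO remove before go-live: user=qa_admin password=Example123 -->
<script>
  var apiKey = "EXAMPLE-KEY-0000";
</script></head>
<body><!-- layout: two columns --><p>Welcome</p></body></html>
"""

if __name__ == "__main__":
    print(*audit_html(SAMPLE), sep="\n")
```

Each finding carries the source line, so it can be wired into a build step that fails when a page is about to ship with leftover comments or hard-coded secrets.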

Burpsuite

  • We can use the Repeater to inspect a request, modify it, and analyze the response
