🕸️ Web Scanning 101: Discovering the Hidden Layers of Websites


Greetings from V-Spot to our cybersecurity aficionados!

Web scanning is more than just skimming the surface. Dive deeper with us into the realms of web assessment:

🔍 1. Web Content Scanning

Script: gobuster dir -u http://targetwebsite.com -w /path/to/wordlist

Output:

    /index (Status: 200)
    /about (Status: 200)
    /admin (Status: 403)
    /config (Status: 404)

Suggestion: Directories like /admin are intriguing. Why the restricted access?

🔍 2. Vulnerability Scanning

Script: nmap -p 80,443 --script http-enum,http-vuln* targetwebsite.com

Output:

    PORT   STATE SERVICE REASON
    80/tcp open  http    syn-ack
    | http-enum:
    |   /admin/: Admin interface
    |   /config/: Possible config files
    |_  /backup/: Backup files found
    |_http-vuln-cve2014-3704: No match

Suggestion: The /backup/ directory could contain sensitive data. Secure it!

🔍 3. Service Detection

Script: whatweb targetwebsite.com

Output:

http://targetwebsite.com [200 OK] Apache/2.4.29, PHP/7.2.10, WordPress/5.4, OpenSSL/1.0.2g

Suggestion: Older versions of Apache, PHP, and WordPress can be vulnerable. Consider updates!

🔍 4. Hidden Endpoint Discovery

Script: wfuzz -c -z file,/path/to/wordlist -u http://targetwebsite.com/FUZZ

Output:

    00001: C=403 10 L 29 W 46 Ch "/hiddenAPI"
    00002: C=200 9 L 28 W 47 Ch "/testEndpoint"

Suggestion: Review hidden endpoints for security implications.

📌 Always Remember:

  • Scan only where you have permission.
  • Use periodic scans to maintain an updated security stance.
  • Refresh your tools and wordlists regularly.
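
An added example (not part of the original post) for the periodic-scan advice above: it parses output in the gobuster and wfuzz line formats shown in sections 1 and 4 and diffs two runs of your own site, so a path that newly answers or changes status stands out for review. The function names and the scan data are constructed for illustration, and the line formats are assumed to match the samples on this page.

```python
import re

# Line formats as they appear in the sample output on this page (assumption).
GOBUSTER = re.compile(r'^(?P<path>/\S*)\s+\(Status:\s*(?P<code>\d{3})\)$')
WFUZZ = re.compile(r'^\d+:\s+C=(?P<code>\d{3})\s.*"(?P<path>[^"]+)"$')

def parse_scan(text):
    """Return {path: status_code} from gobuster- or wfuzz-style lines."""
    results = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = GOBUSTER.match(line) or WFUZZ.match(line)
        if m:
            results[m.group("path")] = int(m.group("code"))
    return results

def diff_scans(baseline, current):
    """Compare two parsed scans; a 404 is treated as 'path not present'."""
    old = {p: c for p, c in baseline.items() if c != 404}
    new = {p: c for p, c in current.items() if c != 404}
    shared = set(old) & set(new)
    return {
        "appeared": sorted(set(new) - set(old)),
        "disappeared": sorted(set(old) - set(new)),
        "changed": sorted((p, old[p], new[p]) for p in shared if old[p] != new[p]),
    }

# Constructed sample data: an earlier gobuster run and a later gobuster + wfuzz run.
BASELINE = """\
/index (Status: 200)
/about (Status: 200)
/admin (Status: 403)
/config (Status: 404)
"""
CURRENT = """\
/index (Status: 200)
/about (Status: 200)
/admin (Status: 200)
/config (Status: 404)
00001: C=403 10 L 29 W 46 Ch "/hiddenAPI"
00002: C=200 9 L 28 W 47 Ch "/testEndpoint"
"""

if __name__ == "__main__":
    report = diff_scans(parse_scan(BASELINE), parse_scan(CURRENT))
    for kind, items in report.items():
        print(kind, items)
```

In the constructed data, /admin moving from 403 to 200 is the kind of change that should trigger an access-control review before anything else.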
