No need to introduce the incredible Burp Suite, THE ultimate tool for web pentests.

Cute, wasn't it? It was more or less what you get in the Intruder tab now.

However, having the best tool in the world is not useful if you don't know how to work with it.

A while ago, a client asked us to pentest their main web application. When they asked us what tools we used, they were a bit disappointed. In fact they were using it too and couldn't find any vulnerability on their application with it. They thought that we wouldn't be able to find any issues if we weren't using +50k€ tools like WebInspect or AppScan. This is a very common misconception in IT Security (well, not only…): costly tools will provide better protection.

So we asked for their methodology and found that they were using Burp Suite like point-and-click software: they launched it without a previous spidering and disregarding the session handling rules. We convinced them that we could try to find weaknesses with the same tool by spending a little more time configuring it, and the job was done. Despite the fact that the application was pretty well done, and using the same tool, we found a few serious vulnerabilities!

The equation could be given this way: vulnerabilities lying in the application x tool x methodology x time = discovered vulnerabilities. So if any part on the left equals 0, the number of discovered vulnerabilities will always be 0! On the contrary, if you use a good tool correctly and spend enough time on it, you will find vulnerabilities if there are any.

We don't have a magical recipe to make the methodology part easy, but we can give a few paths and quick wins:

1. The basics

The first one is clearly not a quick win but quite mandatory: read and follow the WAHH.

2. Lost in your webapp pentest? Need fresh ideas/checks?

You've already done many, many checks and haven't spotted any good vulnerability. Following the WAHH checklist could help you avoid overlooking important things. A very complete version is provided in the book (pages 791 to 852 - yes, 61 full pages!), but if you don't have the book you can use the summary list provided by MDSec.

3. Good recon can sometimes spot the gold nugget

Scanning a website without previously spidering it is nonsense. The process of spidering (aka crawling) recursively visits every URL found on the website to build an exhaustive view of every entry point, which is exactly the list the scanner then works from; if the spider never saw a page, the scanner never tests it.
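The spidering step described above, as an added example that is not part of the original post and not Burp's own code: a minimal breadth-first spider that stays inside an assumed in-scope host (`app.example.test`, constructed) and records every path, query parameter and form field it reaches. The site it crawls is an in-memory stand-in for HTTP, so it runs offline; the `/admin/` section only answers when a session cookie is supplied, which reproduces the "disregarding the session handling rules" failure from the story: the same crawl with no session silently misses the whole admin area and every entry point behind it.

```python
"""Minimal in-scope spider: collects the entry points a scanner needs.
Runs offline against a constructed sample site (not a real application)."""
from collections import deque
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse, urldefrag, parse_qs

SCOPE_HOST = "app.example.test"   # assumed in-scope host (constructed)

# Constructed sample site: path -> HTML body.
SITE = {
    "/": ('<a href="/login">Login</a> <a href="/search?q=demo">Search</a> '
          '<a href="https://other.example.test/">Partner site</a>'),
    "/login": ('<form action="/login" method="post">'
               '<input name="user"><input name="pass" type="password"></form>'),
    "/search": '<a href="/">Home</a> <a href="/admin/panel#top">Admin</a>',
    "/admin/panel": '<form action="/admin/export"><input name="format"></form>',
}


def fetch(url, session=None):
    """Stand-in for an HTTP GET (in real life this goes through Burp's proxy).
    /admin/* refuses (None, like a 302 to the login page) unless a session
    cookie is sent: this is how a spider run without session handling
    silently loses a whole section of the application."""
    path = urlparse(url).path or "/"
    if path.startswith("/admin/") and session is None:
        return None
    return SITE.get(path)          # None also stands for a 404


class EntryPointParser(HTMLParser):
    """Collect <a href> links and <form> targets with their input names."""

    def __init__(self):
        super().__init__()
        self.links, self.forms, self._form = [], [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.links.append(a["href"])
        elif tag == "form":
            self._form = {"action": a.get("action") or "",
                          "method": (a.get("method") or "get").lower(),
                          "fields": []}
        elif tag == "input" and self._form is not None and a.get("name"):
            self._form["fields"].append(a["name"])

    def handle_endtag(self, tag):
        if tag == "form" and self._form is not None:
            self.forms.append(self._form)
            self._form = None


def spider(start_url, scope_host=SCOPE_HOST, session=None):
    """Breadth-first crawl of every in-scope URL reachable from start_url.
    Returns {path: {"params": {query names}, "forms": {(method, fields)}}}."""
    entry_points = {}
    queue, seen = deque([start_url]), {start_url}
    while queue:
        url = queue.popleft()
        body = fetch(url, session)
        if body is None:
            continue                                   # dead end: not an entry point
        parts = urlparse(url)
        ep = entry_points.setdefault(parts.path, {"params": set(), "forms": set()})
        ep["params"].update(parse_qs(parts.query))     # query names are entry points
        parser = EntryPointParser()
        parser.feed(body)
        for form in parser.forms:                      # form actions are entry points too
            action = urlparse(urljoin(url, form["action"] or url))
            target = entry_points.setdefault(action.path, {"params": set(), "forms": set()})
            target["forms"].add((form["method"], tuple(form["fields"])))
        for href in parser.links:
            absolute, _ = urldefrag(urljoin(url, href))  # drop #fragments
            if urlparse(absolute).netloc != scope_host:
                continue                               # never leave the agreed scope
            if absolute not in seen:
                seen.add(absolute)
                queue.append(absolute)
    return entry_points


if __name__ == "__main__":
    for label, sess in (("no session handling", None), ("with session cookie", "sid=constructed")):
        found = spider("https://app.example.test/", session=sess)
        print(f"{label}: {sorted(found)}")
```

Run as a script, the first crawl reports only `/`, `/login` and `/search`; the second, with a session cookie, adds `/admin/panel` and the `/admin/export` form target with its `format` field. Feeding a scanner the first list is the point-and-click mistake from the story: the tool is fine, but it can only test what the spider handed it.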