Web Application Fingerprinting
One of the first tasks when conducting a web application penetration test is to try to identify the version of the web server and the web application.The reason for that is that it allows us to...
View ArticleUsing Metasploit To Create A WAR Backdoor
If we have performed a penetration test against an Apache Tomcat server and we have managed to gain access then we might want to consider to place a web backdoor in order to maintain our access.Apache...
View ArticleCommand Execution – DVWA
One of the most critical vulnerabilities that a penetration tester can come across in a web application penetration test is to find an application that it will allow him to execute system commands.The...
View ArticleHTTP Methods Identification
This is a small script that uses netcat in order to connect to a remote web server and to discover which HTTP methods supports.You can see below the source code: #!/bin/bash for webservmethod in GET...
View Article