Web Application Pentest Guide
This article walks through the complete process of a basic web application pentest, from requirement collection to reporting.
These are the steps we are going to follow:
- Requirement Collection
- Information Gathering
- Identify the language, framework, database and server
- whatweb / builtwith.com / manual inspection of HTTP requests and responses: session ID format, session cookie names, HTTP response headers, file extensions
- Google/Baidu
- URL Discovery
- With the BurpSuite proxy enabled, browse the whole site in the browser; BurpSuite records everything it sees in the Sitemap
- Brute-force directories with DirBuster, then open every directory and file it finds so that BurpSuite records those too
- BurpSuite -> Spider (the crawler in newer Burp versions): crawl the whole site
- Automated Scanner Configuration
- Scan with BurpSuite's Active Scanner
- Scan with AWVS (Acunetix Web Vulnerability Scanner)
- Manual Testing
- Look for logic flaws: for every possible user input, vary the parameter values and observe how the application responds
- Look for vulnerabilities the automated scan missed, such as SQL injection, XSS, file inclusion, file upload and command execution
- Verify the findings reported by the tools and weed out false positives
- Reporting
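The information-gathering and manual-testing steps above are usually done by eye in Burp. As an added example (not code from the original guide or from the infosecinstitute articles), the script below does the same passive fingerprinting offline: it parses one raw HTTP response, infers language/framework/server from the headers, the session cookie names and the file extensions of the discovered URLs, flags session cookies that lack HttpOnly/Secure, and lists every query parameter per path so nothing is missed when varying inputs by hand. The sample response and URL list are constructed, the hint tables are the author's own short list rather than a whatweb ruleset, and `example.test` is a placeholder host.

```python
"""Passive fingerprinting from one raw HTTP response plus a list of discovered URLs.

Added example: runs offline on constructed data; the hint tables below are a
hand-written (hypothetical) subset, not an extract from whatweb or builtwith.
"""
import re
from urllib.parse import parse_qsl, urlsplit

# Session-cookie name -> technology hint (assumed mapping, kept deliberately short).
COOKIE_HINTS = {
    "PHPSESSID": "PHP",
    "JSESSIONID": "Java servlet container",
    "ASP.NET_SessionId": "ASP.NET",
    "connect.sid": "Node.js (Express)",
    "laravel_session": "PHP (Laravel)",
    "csrftoken": "Python (Django)",
}
# URL file extension -> technology hint.
EXT_HINTS = {
    ".php": "PHP", ".asp": "Classic ASP", ".aspx": "ASP.NET",
    ".jsp": "Java (JSP)", ".do": "Java (Struts)", ".cfm": "ColdFusion",
}
# Cookie names that look like session identifiers and so should carry HttpOnly/Secure.
SESSION_RE = re.compile(r"sess|sid$", re.I)

# Constructed sample response (not captured from a real target).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Set-Cookie: PHPSESSID=abc123; path=/\r\n"
    "Set-Cookie: wordpress_logged_in_x=1; path=/; HttpOnly\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "\r\n"
    "<html>...</html>"
)
# Constructed URLs, as Burp's Sitemap would record them after browsing/DirBuster.
SAMPLE_URLS = [
    "https://example.test/index.php?id=1",
    "https://example.test/login.php?next=/",
    "https://example.test/wp-login.php",
    "https://example.test/static/app.js",
    "https://example.test/download.php?file=report.pdf",
]


def parse_response(raw):
    """Split a raw HTTP/1.1 response into (status_line, [(name, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers


def cookie_findings(headers):
    """Return [(cookie_name, tech_hint_or_None, missing_flags)] per Set-Cookie header."""
    out = []
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        missing = []
        if SESSION_RE.search(cookie) or cookie in COOKIE_HINTS:
            missing = [f for f in ("httponly", "secure") if f not in attrs]
        out.append((cookie, COOKIE_HINTS.get(cookie), missing))
    return out


def fingerprint(raw_response, urls):
    """Collect technology hints, cookie issues and per-path query parameters."""
    status, headers = parse_response(raw_response)
    hdr = {n.lower(): v for n, v in headers if n.lower() != "set-cookie"}
    techs = set()
    for key in ("server", "x-powered-by", "x-aspnet-version", "x-generator"):
        if key in hdr:
            techs.add(f"{key}: {hdr[key]}")
    cookies = cookie_findings(headers)
    techs.update(hint for _, hint, _ in cookies if hint)
    params = {}
    for url in urls:
        parts = urlsplit(url)
        path = parts.path.lower()
        techs.update(h for ext, h in EXT_HINTS.items() if path.endswith(ext))
        for key, _ in parse_qsl(parts.query, keep_blank_values=True):
            params.setdefault(parts.path, set()).add(key)
    return {
        "status": status,
        "technologies": sorted(techs),
        "cookies": cookies,
        "parameters": {p: sorted(k) for p, k in params.items()},
    }


if __name__ == "__main__":
    result = fingerprint(SAMPLE_RESPONSE, SAMPLE_URLS)
    for section, value in result.items():
        print(f"{section}: {value}")
```

Feed it a response copied from Burp's Proxy history and the URL list exported from the Sitemap; the `parameters` section is the checklist for the manual step of varying every input, and any session cookie listed with missing flags is a finding in its own right.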
From:
http://resources.infosecinstitute.com/web-application-pentest-guide-part/
http://resources.infosecinstitute.com/web-application-pentest-guide-part-ii/