Powered by Chat-GPT4 AI Assistant!

Web Application

Tools

Information Gathering

WhatWeb
Whois
Recon-ng
Eyewitness
Dirb
Go Buster
GoWitness
SubDomain Enumeration

Scanning

Nikto
WPScan
CMSMap
TestSSL – SSL Scan
Wfuzz
Owasp Joomscan

Intercepting Proxy

Burp Suite

Useful Resources and Concepts

HTTP Status Codes
HTML Character Entities
Regular Expressions
Useful Websites
HTTP Protocol
OWASP Testing Checklist
Deserialization
CSP Content Security Policy
CORS
JWT Tokens
Web Sockets
Web Standards
OWASP Top 10
Content Security Policy (CSP) Bypass
File Upload Testing

Latest Web Security Posts

log4shell 0-day Exploit in log4j v2 – What it is? How to Identify and Mitigate the Vulnerability (CVE-2021-44228)

What is log4shell ? “Log4Shell” got its name by researchers at LunaSec and credited to Chen Zhaojun of Alibaba. It is an remote code execution vulnerability. This vulnerability has been found in Apache Log4j library, which is an open source logging utility which is written in Java and developed by Apache Software Foundation. This library is…

by Hacking Simplified

EyeWitness

EyeWitness is an open-source tool that is used to take screenshots of the website RDP services, and open VNC servers, provide some server header info and identify default credentials if known.

by Priyansh Mehta

Increasing Need For Cybersecurity Professionals

There is a significant increase in cybersecurity requirements with the exponential growth of job postings over 94% in just seven years. As opposed to this surge, other IT jobs have just grown over 30% in general. So, that leaves a 300% increase in the demand encompassing all IT job profiles. Cybersecurity happens to account for…

by Priyansh Mehta

Recon-ng

What is Recon-ng? Recon-ng is a full-featured reconnaissance framework that has a similar interface to that of Metasploit(which comes in handy and easy to use). Recon-ng has the command-line interface which you can run on Kali Linux, also you enter a shell-like environment where you can configure options, perform recon, and output results to different…

by Priyansh Mehta

Whois ( “who owns a domain?”)

Whois is an Internet service and protocol by which we can find who owns a domain of an website, and displays information about domain name Whois is an Internet service and protocol that searches and displays information about a domain name from repositories of domain name registrars worldwide, and their IP adress block, or an…

by Priyansh Mehta

Loading…

Something went wrong. Please refresh the page and/or try again.

Ask Expert (GPT-4 Powered)
AI Chatbot Avatar
⚠️ Please wait for few seconds after submitting the query..
© 2023 All rights reserved.