Useful Tips

Here are some tips to help you get the most out of web exploitation concepts, tools, and utilities:

  • Check the URL for user information and queries, as well as the protocol being used

  • Make a map of routes to understand the flow of a website

  • Check general details and standard files such as the favicon, the robots.txt file, the sitemap.xml file, and the security.txt file, among others

  • Check HTTP requests and responses, paying attention to specific details such as headers and their values

  • Check the page source code; we can use the browser's context menu (right-click) or go to the view-source:$URL address in the browser

    • Check the code comments (<!--), anchors to other routes (<a), framework information, CSS files, and JS scripts

    • Check the buttons and the files related to their actions

  • Check if URL parameters are displayed directly on the screen. This tells us that a code injection may be possible

  • Check if a site displays different types of errors when filling out a form

    • If the username field of a login form shows a different error for specific entries, that could mean the user exists

  • Check whether token parameters are sent with the requests

  • Modify the character limit of form fields in the HTML code. This can be done using the Inspect option of the browser

  • Check the Inspect>Sources tab in the browser to see the source files of the site. One of the most common is the main.js file, which normally contains the front-end logic and, in some cases, how the framework handles important options like routing and configuration

  • When testing a registration form, try adding a "role": "admin" field to the POST request to see if we can create a high-privilege account

  • Check if it is possible to get information about a user or perform actions without the Authorization header (normally required on API endpoints)

  • When checking requests with numeric parameters, check how they react to negative inputs

  • Add breakpoints on the JavaScript of client-side apps to check the flow of the variables and actions, and even manipulate them

  • Modify GET requests to APIs into PUT requests, setting the Content-Type header accordingly

  • Changing PUT requests to PATCH requests could help when trying to make changes in an app

  • When you have access to the list of modules used by the app's frameworks, search for any known vulnerability in the versions being used

  • Check certificates to look for weak certificates or the use of outdated security protocols

  • Check the allow_url_include and allow_url_fopen parameters in the php.ini files to know if a remote file inclusion could be made via FTP, SMB, or HTTP

  • When reviewing source code, search for hidden values in the HTML
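As an added example (not from the original page), the following framework-agnostic Python sketch shows the server-side checks that close off three of the items above: a registration allowlist that refuses a smuggled "role" field, a numeric parameter parser that rejects negative and oversized values, and a mandatory Authorization header on API endpoints. The field names, the id bound, and the plain-dict request model are assumptions.

```python
# Added example: server-side hardening for the registration, numeric-parameter
# and Authorization tips above. Requests are modelled as plain values so the
# code runs without any web framework. Field names and bounds are assumed.
import json
import re

# Only these client-supplied fields are accepted on registration (assumed names).
ALLOWED_REGISTRATION_FIELDS = {"username", "email", "password"}


def sanitize_registration(body: str) -> dict:
    """Parse a JSON registration body and reject anything outside the allowlist.

    Unknown keys such as "role" or "is_admin" are rejected rather than silently
    dropped, so probing attempts show up as 4xx responses in the logs.
    """
    data = json.loads(body)
    if not isinstance(data, dict):
        raise ValueError("registration body must be a JSON object")
    unexpected = set(data) - ALLOWED_REGISTRATION_FIELDS
    if unexpected:
        raise ValueError(f"unexpected fields: {sorted(unexpected)}")
    missing = ALLOWED_REGISTRATION_FIELDS - set(data)
    if missing:
        raise ValueError(f"missing fields: {sorted(missing)}")
    # The server assigns the role; the client never gets to choose it.
    return {**data, "role": "user"}


def parse_id_param(value: str, upper: int = 2**31 - 1) -> int:
    """Accept only a bounded, non-negative decimal integer.

    Rejects "-5", "1e3", " 7", "" and Unicode digits before int() ever sees them.
    """
    if re.fullmatch(r"[0-9]+", value) is None:
        raise ValueError(f"invalid id: {value!r}")
    number = int(value)
    if number > upper:
        raise ValueError(f"id out of range: {number}")
    return number


def require_bearer(headers: dict) -> str:
    """Return the bearer token or raise; header names are matched case-insensitively."""
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), None)
    if auth is None:
        raise PermissionError("missing Authorization header")
    scheme, _, token = auth.partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        raise PermissionError("expected 'Bearer <token>'")
    return token.strip()
```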
