[Owasp-testing] Additions to "4.2 Information gathering"

Lode Vanstechelman lode at vanstechelman.eu
Mon Feb 16 11:49:33 EST 2009


While reading through chapter 4.2 on Information Gathering, I found some
opportunities where we could add some more tools to the testing phase for
section "4.2.5 Application Discovery".

In the "Approaches to address issue 1 - non-standard URLs" section, we could
make reference to applications like OWASP's DirBuster and Nikto which can be
used to try to find "hidden URLs".
In the "Approaches to address issue 3 - virtual hosts" section, we could
make reference to a tool like 'dnsenum' which tries to brute force
subdomains. Comparing the resolved IP addresses of found subdomains might
give you some more Virtual Hosts.

I'm pretty sure we can add the references to DirBuster and Nikto, so I'll
update the text on the wiki.
However, I'm not so sure we could add dnsenum, since there we would be
querying the DNS server and not the webserver.

What's your opinion about this?


Lode Vanstechelman, CISA
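
The IP comparison suggested above for issue 3, as an added example that is not part of the original message or of the Testing Guide: it reads `host`-style output for names already collected, follows CNAME aliases, and lists the names that resolve to the same address as the server under test. The function names and the sample records (reserved `.test` names and documentation addresses) are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: `host`-style output for names already collected in scope.
SAMPLE = """\
www.example.test has address 192.0.2.10
shop.example.test is an alias for www.example.test.
intranet.example.test has address 192.0.2.10
mail.example.test has address 192.0.2.25
dev.example.test has address 192.0.2.10
dev.example.test has address 192.0.2.11
Host old.example.test not found: 3(NXDOMAIN)
"""

A_RE = re.compile(r"^(\S+) has address (\d+\.\d+\.\d+\.\d+)$")
CNAME_RE = re.compile(r"^(\S+) is an alias for (\S+?)\.?$")

def parse_records(text):
    """Split the output into A records (name -> IPs) and CNAMEs (name -> target)."""
    addrs, aliases = defaultdict(set), {}
    for line in text.splitlines():
        line = line.strip()
        if m := A_RE.match(line):
            addrs[m.group(1).lower()].add(m.group(2))
        elif m := CNAME_RE.match(line):
            aliases[m.group(1).lower()] = m.group(2).lower()
    return addrs, aliases

def resolve(name, addrs, aliases, max_depth=8):
    """Follow a CNAME chain to its A records; the depth bound survives alias loops."""
    for _ in range(max_depth):
        if name in addrs:
            return addrs[name]
        if name not in aliases:
            break
        name = aliases[name]
    return set()

def vhost_candidates(text, target_ip):
    """Names that end up on target_ip, i.e. likely virtual hosts of that server."""
    addrs, aliases = parse_records(text)
    by_ip = defaultdict(set)
    for name in set(addrs) | set(aliases):
        for ip in resolve(name, addrs, aliases):
            by_ip[ip].add(name)
    return sorted(by_ip.get(target_ip, set()))

if __name__ == "__main__":
    print(vhost_candidates(SAMPLE, "192.0.2.10"))
```

A shared address only makes a name a candidate; each one still has to be confirmed against the web server itself before it is treated as a virtual host.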