
Abstract

This presentation explores application attack surfaces, showing practical techniques for reconnaissance, analyzing the attack surface, and finding potential entry points. We'll talk about methods for finding misconfigurations, looking for weak authentication, checking access controls, examining JavaScript for problems, spotting business logic flaws, and more.

Speaker

MOHAMMAD SAQLAIN

Application Security Engineer

Timing

Starts on Saturday, May 25, 2024, at 10:20 AM. The session runs for 40 minutes.

Resources

 

Mrrootsec
MOHAMMAD SAQLAIN about 1 year ago
Content Discovery

dirsearch -u url --full-url -t 2 --random-agent -x 404,302,500,503 --crawl -w ~/mrroot/wordlist/common-dirb.txt --format html -o output.html

gospider -s "url" -c 1 -d 5 --blacklist jpg,jpeg,gif,css,tif,tiff,png,ttf,woff,woff2,ico,pdf,svg,txt --proxy http://127.0.0.1:8080 --js --sitemap --robots -u "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" --json

katana -u url -jsl -jc -kf all -d 5 -sf url,path,fqdn,rdn,rurl,qurl,qpath,file,ufile,key,value,kv,dir,udir -timeout 12 -retry 3 -s breadth-first -xhr -aff -ef jpg,jpeg,gif,css,tif,tiff,png,ttf,woff,woff2,ico,pdf,svg