Difference between revisions of "Talk:Enumerate Applications on Webserver (OTG-INFO-004)"

From OWASP
Jump to: navigation, search
(New section: v3 Review Comments)
 
(7 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 +
__TOC__
 +
 +
==Subdomain Brute Forcing==
 +
 +
I think, if in scope, subdomains should be brute forced to find additional applications.
 +
 +
== NMAP Changes? ==
 +
 
Hi, what do you think to change the nmap command, and the nmap site?
 
Hi, what do you think to change the nmap command, and the nmap site?
  
Line 8: Line 16:
  
 
nmap –PN –sT –sV –p0-65535 192.168.1.100
 
nmap –PN –sT –sV –p0-65535 192.168.1.100
 
  
 
And the nmap site is nmap.org now. But www.insecure.org is still there.
 
And the nmap site is nmap.org now. But www.insecure.org is still there.
Line 17: Line 24:
 
== v3 Review Comments ==
 
== v3 Review Comments ==
  
Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the specific application we're assessing. IMHO.<br>
+
Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the application(s) we're assessing. IMHO.<br>
 +
May this section should be renamed to something like "Discovery of web server services and web applications on a host".
 
[[User:Rick.mitchell|Rick.mitchell]] 09:55, 3 September 2008 (EDT)
 
[[User:Rick.mitchell|Rick.mitchell]] 09:55, 3 September 2008 (EDT)
 +
 +
 +
== Merge with  (OWASP-IG-004) ==
 +
This article should be merged with 4.2.4 Testing for Web Application Fingerprint (OWASP-IG-004)  and renamed to web server finger printing as both these pages talk about server level finger printing.
 +
 +
also if i may put forward I have tried to cover some steps of web application finger printing here : http://anantshri.info/articles/web_app_finger_printing.html
 +
I hope this could be of some use in the correct page of web application finger printing.
 +
 +
--[[User:Anant Shrivastava|Anant Shrivastava]] 06:05, 18 July 2011 (EDT)

Latest revision as of 17:25, 5 August 2013

Contents


Subdomain Brute Forcing

I think, if in scope, subdomains should be brute forced to find additional applications.

NMAP Changes?

Hi, what do you think to change the nmap command, and the nmap site?

Latest nmap change some parameters like -P0 to -PN. -P0 is obsolete.

Sample command should be now: nmap –PN –sT –sV –p1-65535 192.168.1.100

If fact, nmap has the abilily to scan port number 0, so we can do better with:

nmap –PN –sT –sV –p0-65535 192.168.1.100

And the nmap site is nmap.org now. But www.insecure.org is still there.

cheers --Unusuario 15:36, 2 April 2008 (EDT)

v3 Review Comments

Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the application(s) we're assessing. IMHO.
May this section should be renamed to something like "Discovery of web server services and web applications on a host". Rick.mitchell 09:55, 3 September 2008 (EDT)


Merge with (OWASP-IG-004)

This article should be merged with 4.2.4 Testing for Web Application Fingerprint (OWASP-IG-004) and renamed to web server finger printing as both these pages talk about server level finger printing.

also if i may put forward I have tried to cover some steps of web application finger printing here : http://anantshri.info/articles/web_app_finger_printing.html I hope this could be of some use in the correct page of web application finger printing.

--Anant Shrivastava 06:05, 18 July 2011 (EDT)