Web Enumeration Methodology
A beginner-friendly approach for OSCP, CTFs and web app pen-testing.
This article describes the basics of web enumeration and is aimed at beginners. It starts with the basics and then gradually builds up to more advanced techniques.
Table of Contents
-Introduction
-Enumerate and Make Notes
-Find out the Ports
-View Page Source
-Well Known Files
-Virtual Hosts
-Web Directories Busting
-Subdomains
-Web Technologies used
-Usernames
-Brute Force Login Pages
-SQL Injection in Login Pages
-Local File Inclusion (LFI)
-Cookies Manipulation and De-serialization Vulnerabilities
Introduction
Pen testing is all about a structured approach towards a target. You can call it having a methodology; without one it is just a guessing game of trying things randomly. Doing that might give you success initially, but in the long run you must have an approach.