Anton Lopanitsyn - Initial reconnaissance of web applications.

DC7499
November 10, 2018

Often, what is right in front of your eyes gets checked more meticulously than the parts inaccessible to the average user. We look for hidden functionality in web applications so that it can then be searched for vulnerabilities.

Transcript

  1. Initial reconnaissance of web applications Bo0oM

  2. subdomain enumeration • theharvester • recon-ng • aquatone • Sn1per • Massdns • Aquatone • Amass

  3. directory enumeration • Dirbuster • Dirsearch • Wfuzz • Hehdirb

  4. None
  5. None
  6. diff Length - 5 Length - 5

  7. Levenshtein distance

  8. SLIDE NAME

  9. DOM tree Document Object Model

  10. Wordlist enrichment

  11. Wordlist enrichment

  12. Wordlist enrichment

  13. Wordlist enrichment PARSE_JS = False: python3 ParamPP.py -u "https://vk.com/login" ['m', 'b', 'u', 'al'] PARSE_JS = True: python3 ParamPP.py -u "https://vk.com/login" ['b', 'm', 'al', 'async', 'u', 'ad_video']

  14. Web server limitations

  15. Param-Pam-Pam https://github.com/Bo0oM/ParamPamPam #TODO • Json data • Keep-alive • Something else

  16. Param-miner

  17. Q? @i_bo0om @webpwn