Friday, August 23, 2013

Juicy Areas of Web Application For Pentesters

In this tutorial I cover small things that everyone already knows, but I present them in a different way, as a checklist. I am going to talk about some juicy areas for a pen tester, focusing mainly on fingerprinting: when fingerprinting a website, which areas should a pen tester or web application security analyst target at high priority?

The first thing to check is the server name and version information. This information is really helpful to pen testers because older versions already have exploits available. So if they find an older server version, they can directly check whether such an exploit works.
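To see what this check looks like from the side of someone reviewing their own server's responses, here is an added example (not code from the original post) that parses a raw HTTP response head and lists every product/version pair it exposes. It goes slightly beyond the `Server` header mentioned above by also reading `X-Powered-By` and `X-AspNet-Version`; that header list, the function names and both sample responses are assumptions constructed for illustration.

```python
import re

# Headers that commonly carry product/version banners (assumed list, not from the post).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

# product/version token as in "Apache/2.2.15"; bare version for headers like X-AspNet-Version.
PRODUCT_RE = re.compile(r"([A-Za-z][\w.+-]*)/(\d[\w.\-]*)")
BARE_VERSION_RE = re.compile(r"^\d+(?:\.\d+)+$")


def parse_headers(raw_response: str) -> dict:
    """Return header name (lower-cased) -> list of values from a raw HTTP response head."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def version_disclosures(raw_response: str) -> list:
    """List (header, product, version) tuples exposed by banner headers."""
    findings = []
    headers = parse_headers(raw_response)
    for name in BANNER_HEADERS:
        for value in headers.get(name, []):
            matches = PRODUCT_RE.findall(value)
            if matches:
                findings.extend((name, p, v) for p, v in matches)
            elif BARE_VERSION_RE.match(value):
                findings.append((name, name, value))
    return findings


# Constructed sample responses (not captured from any real host).
VERBOSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.2.15 (CentOS) PHP/5.3.3\r\n"
    "X-Powered-By: PHP/5.3.3\r\n"
    "Content-Type: text/html\r\n\r\n<html></html>"
)
HARDENED = "HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    for label, resp in (("verbose", VERBOSE), ("hardened", HARDENED)):
        print(label, version_disclosures(resp))
```

An empty result, as for the second sample, means the banner names the product without giving a version that can be matched against known issues.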