Web application hacks

Discovering, profiling, and fuzzing web applications is a great way to gain some Reconnaissance information about your targets that happen to run some sort of web application. This information will allow you to know what exactly you have on your network to work with, and where you can possible go next. We will first start with a tool such as dotdotpwn to accomplish some fuzzing, as well as utilizing w3af to check for vulnerabilities.

DotDotPwn

Dotdotpwn is a multi-protocol fuzzer to discover traversal directory vulnerabilities. Fuzzers provide a testing technique that looks for poor coding or security loopholes in software applications such as web servers or even operating systems. The ultimate goal is to find these vulnerabilities ...

Get Penetration Testing with Raspberry Pi - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Penetration Testing with Raspberry Pi - Second Edition by Michael McPhee, Jason Beltrame

Web application hacks

DotDotPwn

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly