Understand the core functionality implemented within the application

■

Identity all features of the application’s functionality and behavior that

■

Formulate a plan of attack prioritizing the most interesting-looking func-

Mapping the application is a key prerequisite to attacking it. While it may be

tempting to dive straight in and start probing for actual bugs, taking time to

gain a sound understanding of the application’s functionality, technologies,

and attack surface will pay dividends down the line.

As with almost all of web application hacking, the most effective approach

is to use manual techniques supplemented where appropriate by controlled

automation. There is no fully automated tool that can carry out a thorough

mapping of the application in a safe way. To do this, you need to use your

hands and draw on your own experience. The core methodology we have out-

lined involves:

■■

Manual browsing and user-directed spidering, to enumerate the appli-