may reach different content and code paths within the application.
■ Review the site map generated by the proxy/spider tool, and identify any
application content or functions that you did not browse manually.
Establish how the spider enumerated each item — for example, in Burp
Spider, check the Linked From details. Using your browser, access the
item manually, so that the response from the server is parsed by the
proxy/spider tool to identify any further content. Continue this step
recursively until no further content or functionality is identified.
■ Optionally, tell the tool to actively spider the site using all of the already
enumerated content as a starting point. To do this, first identify any URLs
that are dangerous or likely to break the application session, and config-