DDAY - another 4-5 Day

A tip: maybe this will help you, but it may also mess up your workload. Yes, you can do it. Make a cheat sheet for the items below. YES, "I'm a System Administrator" LoL!!!!


Web Server Configuration Checking 
1) Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE) 
2) Verify Web Server version
3) Vulnerable Web Server, such as file disclosure and possible code execution.

Parameter Manipulation Checks: 
1) Cross-Site Scripting (XSS)
2) Cross-Site Request Forgery (CSRF)
3) SQL Injection
4) Code Execution
5) Directory Traversal
6) HTTP Parameter Pollution
7) File Inclusion
8) Script Source Code Disclosure
9) CRLF Injection 
10) Cross Frame Scripting (XFS) 
11) PHP Code Injection 
12) XPath Injection
13) Path Disclosure (Unix and Windows) 
14) LDAP Injection 
15) Cookie Manipulation 
16) Arbitrary File creation 
17) Arbitrary File deletion 
18) Email Injection
19) File Tampering 
20) URL redirection 
21) Remote XSL inclusion 
22) DOM XSS 
23) Multi-Request Parameter Manipulation: Blind SQL/XPath Injection
24) Input Validation 
25) Buffer Overflows 
26) Sub-Domain Scanning

File Checks: 
1) Checks for Backup Files or Directories - Looks for common files (such as logs, application traces, CVS web repositories)
2) Cross Site Scripting in URI 
3) Checks for Script Errors

File Uploads: 
1) Unrestricted File uploads Checks

Directory Checks: 
1) Looks for Common Files (such as logs, traces, CVS) 
2) Discover Sensitive Files/Directories 
3) Discovers Directories with Weak Permissions 
4) Cross Site Scripting in Path and PHPSESSID Session Fixation. 
5) Web Applications 
6) HTTP Verb Tampering

Text Search: 
1) Directory Listings 
2) Source Code Disclosure 
3) Check for Common Files 
4) Check for Email Addresses 
5) Microsoft Office Possible Sensitive Information 
6) Local Path Disclosure 
7) Error Messages 
8) Trojan shell scripts (such as popular PHP shell scripts like r57shell, c99shell, etc.)

Weak Password Checks: 
1) Weak HTTP Passwords 
2) Authentication attacks 
3) Weak FTP passwords

GHDB Google Hacking Database: 
1) Over 1200 GHDB Search Entries in the Database

Port Scanner and Network Alerts: 
1) Finds All Open Ports on Servers 
2) Displays Network Banner of Port 
3) DNS Server Vulnerability: Open Zone Transfer 
4) DNS Server Vulnerability: Open Recursion 
5) DNS Server Vulnerability: Cache Poisoning 
6) Finds List of Writable FTP Directories 
7) FTP Anonymous Access Allowed 
8) Checks for Badly Configured Proxy Servers 
9) Checks for Weak SNMP Community Strings 
10) Finds Weak SSL Ciphers

Use any penetration testing tools to check & verify including: 
1) Input Validation
2) Authentication attacks 
3) Buffer overflows 
4) Blind SQL injection
5) Sub domain scanning