User-Directed Spidering

April 17, 2020April 17, 2020 Krishna Burp Suite, html, http, HTTP and HTML analysis, Mapping the Application, proxy/spider tool, URL, User-Directed Spidering, WebScarab

This is a more sophisticated and controlled technique, which is usually preferable to automated spidering. Here, the user walks through

Tutorial Web Hosting Website

Enumerating Content and Functionality

April 17, 2020 Krishna application uses, Burp Spider, Enumerating Content and Functionality, Mapping, Mapping the Application, Paros, spiders, URL, Web Spidering, WebScarab

In a typical application, the majority of the content and functionality can be identified via manual browsing. The basic approach

Tutorial Web Hosting Website

Mapping the Application

April 17, 2020 Krishna application, application mapping, attacking an application, Mapping the Application, VULNERABILITIES

The first step in the process of attacking an application is to gather and examine some key information about it,

Tutorial Web Hosting Website

Encoding Schemes

April 17, 2020 Krishna ASCII characters, ASCII code, Base64 Encoding, Encoding Schemes, Hex Encoding, HTML Encoding, Unicode Encoding, URL Encoding, Web Application Technologies

Web applications employ several different encoding schemes for their data. Both the HTTP protocol and the HTML language are historically

Tutorial Web Hosting Website

State and Sessions

April 15, 2020April 15, 2020 Krishna application, ASP.NET, functionality, HTTP cookies, HTTP protocol, server-side application, server-side structure, session, State and Sessions, TECHNOLOGIES, Web Application Technologies

The technologies described so far enable the server and client components of a web application to exchange and process data

Tutorial Web Hosting Website

Client-Side Functionality

April 15, 2020 Krishna ActiveX controls, Client-Side Functionality, Forms, html, HTTP Requests, Hyperlinks, hypertext markup lan- guage (HTML), Java applets, JavaScript, Thick Client Components, URL, Web Application Technologies

In order for the server-side application to receive user input and actions, and present the results of these back to

Tutorial Web Hosting Website

Web Functionality

April 15, 2020 Krishna Administrative front ends, Apache, ASP.NET, Authentication, Bulletin boards, Database object relational mapping, Enterprise Java Bean, HTTP cookies, Java Servlet, Linux, Logging, Microsoft’s web application, MySQL, Photo galleries, PHP, Plain Old Java Object, Presentation layer, Server-Side Functionality, Shopping carts, The Java Platform, URL query string, Web application platforms, Web Application Technologies, web container, Web Functionality, Web mail, Wikis

In addition to the core communications protocol used to send messages between client and server, web applications employ numerous different

Tutorial Web Hosting Website

HTTPS

April 15, 2020 Krishna authentication mechanism, basic, Digest, HTTP Authentication, HTTP protocol, HTTP Proxies, HTTP proxy server, HTTP/S, NTLM, proxy server, Secure Sock- ets Layer (SSL), transport layer security, transport mechanism, Web Application Technologies

The HTTP protocol uses plain TCP as its transport mechanism, which is unencrypted and so can be intercepted by an

Tutorial Web Hosting Website

Status Codes

April 15, 2020 Krishna 100 Continue, 200 Ok, 201 Created, 301 Moved Permanently, 302 Found, 304 Not Modified, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 405 Method Not Allowed, 413 Request Entity Too Large, 414 Request URI Too Long, 500 internal server error, 503 Service Unavailable, Status Codes, Web Application Technologies

Each HTTP response message must contain a status code in its first line, indicating the result of the request. The

Tutorial Web Hosting Website

Cookies

April 15, 2020April 15, 2020 Krishna cookie mechanism, Cookies, domain, Expires, http, HTTP protocol, secure, Set-Cookie, Web Application Technologies

Cookies are a key part of the HTTP protocol which most web applications rely upon, and which can frequently be

Eduguru

Author: Krishna