Understanding Information Gathering in Web Application Penetration Testing
What is Information Gathering in Penetration Testing?
Information gathering, as the name suggests, is the collection of information about the target system or network. It is the first step of a penetration test and one of the most important, because every later phase builds on what is learned here.
Here, the pen testers try to find as much information as possible about the target. The more complete the picture, the easier it is to find vulnerabilities later. This information can include the identity of the owner of the target or organization, server location, IP addresses and address ranges, the technology stack in use, the network layout, and more.
To gather it, testers use a mix of tools, techniques, and public resources.
Methods of Information Gathering in Web App Pentesting
Following are the primary information gathering methods in web penetration testing:
Footprinting
Footprinting is the collection of information about the target network or system as the groundwork for an intrusion. It also gives a first picture of the target's security posture: what is exposed, and how.
Footprinting can be active or passive. In active footprinting, the tester sends traffic to the target, for example a ping sweep, a traceroute, or DNS queries against the target's own name servers. Because it touches the target, it can be logged and detected.
Passive footprinting, on the other hand, collects information that is already publicly available without contacting the target: the company website, social media accounts, WHOIS records, search engine results, job postings, and similar sources.
In a penetration test, three kinds of footprinting are usually done: open source footprinting (public data, as above), network-based footprinting (IP ranges, routes, reachable hosts), and DNS interrogation (name servers, mail exchangers, hostnames under the domain, and attempted zone transfers).
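The DNS interrogation described above, as an added example that is not part of this course's material: a small script that brute-forces common hostnames under a domain, checks for a wildcard record first (a detail the text does not cover; without it every guessed name "resolves" and the results are worthless), and does reverse lookups on the addresses it finds. It uses only the Python standard library. The resolver is injectable so the logic can be exercised offline; the default resolver sends real queries, which makes this active footprinting, so run it only against domains you are authorised to test. The wordlist, the domain example.test and the 203.0.113.x addresses in the usage are constructed for the example.

```python
"""Active DNS interrogation of a domain with a small hostname wordlist."""
import json
import secrets
import socket
import sys

# Constructed wordlist for the demo; real engagements use far larger ones.
COMMON_LABELS = ["www", "mail", "dev", "staging", "vpn", "api", "admin"]


def default_resolve(hostname):
    """Resolve a hostname with the system resolver.

    Returns the set of IPv4 addresses, or None if the name does not resolve.
    This sends real DNS queries, i.e. it is active footprinting.
    """
    try:
        _, _, addrs = socket.gethostbyname_ex(hostname)
    except (socket.gaierror, socket.herror, UnicodeError):
        return None
    return set(addrs)


def interrogate(domain, labels=COMMON_LABELS, resolve=default_resolve):
    """Brute-force hostnames under `domain` and report the ones that resolve.

    A wildcard check runs first: a random label that nobody would have
    registered is resolved; if it gets an answer, the zone has a wildcard
    record and every "hit" that returns the same addresses is noise.
    """
    probe = "%s.%s" % (secrets.token_hex(8), domain)
    wildcard = resolve(probe)  # None unless the zone answers for anything
    hosts = {}
    for label in labels:
        host = "%s.%s" % (label, domain)
        addrs = resolve(host)
        if addrs is None:
            continue
        if wildcard is not None and addrs == wildcard:
            continue  # only the wildcard answering, not a real host
        hosts[host] = sorted(addrs)
    return {
        "domain": domain,
        "wildcard": sorted(wildcard) if wildcard else None,
        "hosts": hosts,
    }


def reverse_lookup(ip):
    """PTR lookup for an address found by interrogate(); None if no PTR exists.

    Reverse records often leak hostnames the forward zone never exposed.
    """
    try:
        name, _, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return None
    return name


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    report = interrogate(target)
    report["ptr"] = {
        a: reverse_lookup(a) for addrs in report["hosts"].values() for a in addrs
    }
    print(json.dumps(report, indent=2))
```

Passing a dictionary's `get` method as `resolve` turns the script into an offline test of the logic; with the default resolver it is a real (and visible) probe of the target's name servers.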
Scanning
Scanning identifies the live hosts on the target network, the ports open on them, and the services (and, where possible, versions) listening behind those ports.
Attackers scan to get an overview of the target and to spot where an attack could be launched. A vulnerability scan goes one step further and checks the discovered services for missing patches, weak authentication, and weak encryption algorithms or protocol versions.
Enumeration
Enumeration goes a step further than scanning: the attacker makes active connections to the services found on open ports and queries them for details. Most of the useful detail comes from those open ports. It can include usernames, user groups, machine names, service banners, DNS records, routing and IP tables, shared resources, and more. These details are what the later vulnerability analysis and exploitation are built on; enumeration itself does not yet compromise the target.
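The scanning and enumeration steps above, as an added example that is not part of this course's material: a TCP connect scan that grabs the banner each open port volunteers and classifies it. It uses only the Python standard library. Because it has to run offline, it also starts a one-shot local listener that sends a constructed banner (FAKE_BANNER, modelled on the greeting a real SSH server sends) so the scan has something to find; for real use point scan_ports() at a host you are authorised to test. The banner patterns cover SSH, SMTP, FTP and HTTP only.

```python
"""TCP connect scan with banner grabbing, run against a constructed local service."""
import re
import socket
import threading

# Constructed banner, modelled on the greeting a real SSH server sends first.
FAKE_BANNER = b"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3\r\n"


def parse_banner(banner):
    """Turn a raw banner into {"service": ..., "software": ...}.

    Covers the common "server speaks first" cases (SSH, SMTP, FTP) plus HTTP.
    Unknown banners are kept verbatim (truncated) so nothing is lost.
    """
    text = banner.decode("utf-8", "replace").strip()
    m = re.match(r"^SSH-(?P<proto>[\d.]+)-(?P<software>\S+)", text)
    if m:
        return {"service": "ssh", "software": m.group("software")}
    m = re.match(r"^220[ -](?P<greeting>.+)", text)
    if m:  # SMTP and FTP both greet with 220; SMTP usually says so
        service = "smtp" if "SMTP" in text.upper() else "ftp"
        return {"service": service, "software": m.group("greeting").strip()}
    if text.startswith("HTTP/"):
        m = re.search(r"(?im)^server:\s*(.+)$", text)
        return {"service": "http", "software": m.group(1).strip() if m else None}
    return {"service": "unknown", "software": text[:60] or None}


def _recv_quiet(sock, size=1024):
    """recv() that returns b"" on timeout or error instead of raising."""
    try:
        return sock.recv(size)
    except OSError:
        return b""


def scan_port(host, port, timeout=2.0):
    """TCP connect to host:port and collect whatever the service volunteers.

    SSH, SMTP and FTP send a banner unprompted. HTTP waits for a request, so
    a minimal HEAD is sent if nothing arrives within the timeout.
    Returns None when the port is closed or filtered (refused or timed out).
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            banner = _recv_quiet(s)
            if not banner:
                try:
                    s.sendall(b"HEAD / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
                    banner = _recv_quiet(s)
                except OSError:
                    banner = b""
    except OSError:  # ConnectionRefusedError and TimeoutError are OSError subclasses
        return None
    return {"port": port, "banner": banner, **parse_banner(banner)}


def scan_ports(host, ports, timeout=2.0):
    """Connect-scan a list of ports; returns only the open ones, in order."""
    results = []
    for port in ports:
        r = scan_port(host, port, timeout)
        if r is not None:
            results.append(r)
    return results


def serve_banner_once(banner, host="127.0.0.1"):
    """Start a one-shot listener on a free local port that sends `banner`.

    Stands in for a real target so the example runs offline. Returns the port.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def _run():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=_run, daemon=True).start()
    return port


if __name__ == "__main__":
    port = serve_banner_once(FAKE_BANNER)
    for r in scan_ports("127.0.0.1", [port, 1]):  # port 1 is normally closed
        print(r["port"], r["service"], r["software"])
```

A connect scan completes the TCP handshake on every port it tries, so it is the noisiest scan type and shows up in the target's connection logs; it is used here because it needs no raw sockets or privileges.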