GitBook: [master] one page modified
parent 6e39506335
commit 7589f8aef7
@ -241,21 +241,13 @@ _Note that anytime a new directory is discovered during brute-forcing or spideri
|
||||
* Look for **links** to other files inside the **CSS** files.
|
||||
* [If you find a _**.git**_ file some information can be extracted](git.md)
|
||||
* If you find **API endpoints** you [should also test them](api-pentesting.md). These aren't files, but will probably "look like" them.
|
||||
|
||||
#### JS code
|
||||
|
||||
The **JS code** of a web application can be really interesting: It could contain **API keys**, **credentials**, other **endpoints**, and understanding it you could be able to **bypass security measures**.
|
||||
It could be also very useful to **parse** the **JS files** in order to search for other **endpoints:** **\(wrap of LinkFinder\),** **.**
|
||||
Another interesting approach could be **monitoring the JS files** with a tool like [**JSMon**](https://github.com/robre/jsmon) that checks for changes.
|
||||
You should also **check** if the application is using any **outdated** and **vulnerable javascript library** with: [**RetireJS**](https://github.com/retirejs/retire.js/)
|
||||
|
||||
If the **javascript** code is **obfuscated**, these tools could be useful:
|
||||
|
||||
* **Javascript Deobfuscator and Unpacker** \([https://lelinhtinh.github.io/de4js/](https://lelinhtinh.github.io/de4js/)\)
|
||||
* **Javascript Beautifier** \([http://jsbeautifier.org/](https://beautifier.io/)\)
|
||||
* **BrainFuck deobfuscation** \(javascript with chars:"\[\]!+" [https://ooze.ninja/javascript/poisonjs/](https://ooze.ninja/javascript/poisonjs/)\)
|
||||
|
||||
In several occasions you will need to **understand regular expressions** used, this will be useful: [https://regex101.com/](https://regex101.com/)
|
||||
* **JS files**: In the spidering section several tools that can extract path from JS files were mentioned. Also, It would be interesting to **monitor each JS file found**, as in some ocations, a change may indicate that a potential vulnerability was introduced in the code. You could use for example [**JSMon**](https://github.com/robre/jsmon)**.**
|
||||
* You should also check discovered JS files with [**RetireJS**](https://github.com/retirejs/retire.js/) ****to find if it's vulnerable.
|
||||
* **Javascript Deobfuscator and Unpacker** \([https://lelinhtinh.github.io/de4js/](https://lelinhtinh.github.io/de4js/)\)
|
||||
* **Javascript Beautifier** \([http://jsbeautifier.org/](https://beautifier.io/)\)
|
||||
* **BrainFuck deobfuscation** \(javascript with chars:"\[\]!+" [https://ooze.ninja/javascript/poisonjs/](https://ooze.ninja/javascript/poisonjs/)\)
|
||||
* In several occasions you will need to **understand regular expressions** used, this will be useful: [https://regex101.com/](https://regex101.com/)
|
||||
* You could also **monitor the files were forms were detected**, as a change in the parameter or the apearance f a new form may indicate a potential new vulnerable functionality.
|
||||
|
||||
#### 403 Forbidden/Basic Authentication/401 Unauthorized \(bypass\)
|
||||
|
||||
|
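Review bot: The bullets that replace the "#### JS code" section drop the point from the removed paragraph that JS code can contain API keys, credentials and other endpoints; the new "**JS files**" bullet only covers path extraction and monitoring, so carry that sentence over into it. The removed lead-in "If the **javascript** code is **obfuscated**, these tools could be useful:" is also gone, which leaves the de4js, Javascript Beautifier and BrainFuck bullets without any statement of when to use them; fold that sentence into the first of the three or nest them under it. In the added text, fix "ocations" in the "**JS files**" bullet, "the files were forms were detected" and "the apearance f a new form" in the last bullet, and the stray `****` after the RetireJS link. The Javascript Beautifier bullet still shows http://jsbeautifier.org/ as the link text while the target is https://beautifier.io/; make the two match.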