Chapter 5. Web Application Information Gathering

In this chapter, we will cover the following recipes:

  • Setting up API keys for recon-ng
  • Using recon-ng for reconnaissance
  • Gathering information using theharvester
  • Using DNS protocol for information gathering
  • Web application firewall detection
  • HTTP and DNS load balancer detection
  • Discovering hidden files/directories using DirBuster
  • CMS and plugins detection using WhatWeb and p0f
  • Finding SSL cipher vulnerabilities


One of the most important phases of an attack is information gathering.

To be able to launch a successful attack, we need to gather as much as information as possible about our target. So, the more information we get, the higher the probability of a successful attack.

It is also important ...

Get Kali Linux Intrusion and Exploitation Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.