June 2017
Intermediate to advanced
338 pages
8h 28m
English
The Checks section is where the nitty-gritty details of what vulnerabilities we'll test against are offered. Each of the checks is either an active or a passive check, and we can enable all or some of them depending on the need. In this case, we have plenty of information on the DVWA's framework, but we have no clue as to what they will be subjected to. If this was truly a black-box scan, and we were trying to stay covert, I might omit all active checks (seen in following figure) in earlier scans and wait until I am able to conduct this from a less-suspicious host closer to the web server.

Read now
Unlock full access