The Basics of Web Hacking by Josh Pauli

Chapter 3

Web Application Recon and Scanning

Chapter Rundown:

■ Web traffic demystified with a web proxy

■ Why Burp Suite is a web hacker’s go-to toolkit

■ Recon with Burp Spider: finding all web resources made easy

■ The good & bad of web application scanning

■ Scanning with Zed Attack Proxy (ZAP) and Burp Scanner

Introduction

The recon and scanning phases for the web application will provide detailed information about the resources (pages, files, directories, links, images, etc.) that make up the web application. These are very important pieces of information that will be used during web application exploitation later in our approach.

Performing web application recon involves discovering every single resource that the application interacts with so that ...
