Burp Suite Target: This tool allows you to visualize your target application’s contents in a folder structure hierarchy that corresponds to the site’s URL structure. This section shows all of the content that has been is covered until now, by manually browsing the site’s pages.Proxy: This is the main engine of Burp, which allows it … Read more
Web application scanning using WMAP WMAP is a feature-rich web application vulnerability scanner that was originally created from a tool named SQLMap. This tool is integrated with Metasploit in the form of a plugin. It allows us to conduct web application scanning from within the Metasploit Framework.
Injection flaws are very common in applications today. These flaws occur because user controlled input is interpreted as actual commands or parameters by the application. Injection attacks depend on what technologies are being used and how exactly the input is interpreted by these technologies. Some common examples include: SQL Injection: This occurs when user controlled … Read more
