Course 27 - Hacking Web Applications, Penetration Testing, CTF | Episode 14: Web Essentials: Files, Extensions, and Enumeration

No se pudo agregar al carrito

Solo puedes tener X títulos en el carrito para realizar el pago.

Add to Cart failed.

Por favor prueba de nuevo más tarde

Error al Agregar a Lista de Deseos.

Por favor prueba de nuevo más tarde

Error al eliminar de la lista de deseos.

Por favor prueba de nuevo más tarde

Error al añadir a tu biblioteca

Por favor intenta de nuevo

Error al seguir el podcast

Intenta nuevamente

Error al dejar de seguir el podcast

Intenta nuevamente

Course 27 - Hacking Web Applications, Penetration Testing, CTF | Episode 14: Web Essentials: Files, Extensions, and Enumeration

Escúchala gratis

Ver detalles del espectáculo

This episode explores the fundamental web files and extensions that are critical for both web development and security enumeration. It provides a detailed breakdown of how automated programs, such as search engine crawlers, interact with web servers and how these interactions can reveal sensitive information. Key topics include:

Instructional Web Files: The episode covers robots.txt, which provides instructions to web robots regarding crawl delays and indexing restrictions. It also examines sitemap.xml, which serves as a roadmap for a website to ensure search engines can find all important pages.
Enumeration Techniques: Guidance is provided on how to manually and automatically enumerate these files using tools like Nmap (via scripts like http-robots.txt and http-sitemap-generator) and Metasploit to discover pages that developers might not want indexed.
Default Pages and Information Disclosure: You will learn about common default web pages (e.g., index.html, index.php) and how identifying these files can disclose specific details about the web server to an attacker.
Data Handling and Extensions: The episode identifies common file extensions for compressed archives (e.g., .zip, .tar.gz) and database files (e.g., .sql, .db, .sqlite). It also provides practical instructions for using the tar command for file compression and SQLite 3 or DB Browser for SQLite for managing database content.
Git Fundamentals: Finally, the session introduces essential Git commands such as init, clone, commit, and push for managing code repositories.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy

Todavía no hay opiniones