W3-Scrape - A Windows based Reconnaissance Tool for Web Application Fingerprinting
نویسندگان
چکیده
Web Application finger printing is a quintessential part of the Information Gathering phase of (ethical) hacking. It allows narrowing down the specifics instead of looking for all clues. Also an application that has been correctly recognized can help in quickly analyzing known weaknesses and then moving ahead with remaining aspects. This step is also essential to allow a pen tester to customize its payload or exploitation techniques based on the identification so to increase the chances of successful intrusion. This paper presents a new tool “W3-Scrape” for the relatively nascent field of Web Application finger printing that helps automate web application fingerprinting when performed in the current scenarios.
منابع مشابه
Analysis of Paradoxes in Fingerprint Countermeasures
The widespread usage of new user tracking methods, i.e. web-based fingerprinting, is becoming a serious privacy concern as third parties try to track users across different websites. Meanwhile, it is usually difficult or impossible for users to opt-out fingerprinting if they want to fully benefit the services provided by the application or website. Several studies tried to address the privacy i...
متن کاملTraffic capacity testing a web environment with transaction based tools
A common server configuration that has emerged for supporting Web based applications is the Web Server, Application Server, and Database Server arrangement. This paper discusses a specific traffic capacity testing experience with this server combination for a Windows environment using a transaction oriented load generator instead of a traditional virtual user script based tool. Both challenges ...
متن کاملUncovering identities: A study into VPN tunnel fingerprinting
Operating System fingerprinting is a reconnaissance method which can be used by attackers or forensic investigators. It identifies a system's identity by observing its responses to targeted probes, or by listening on a network and passively observing its network ‘etiquette’. The increased deployment of encrypted tunnels and Virtual Private Networks (VPNs) calls for the formulation of new finger...
متن کاملPenetration Testing and Mitigation of Vulnerabilities Windows Server
Cyber attack has become a major concern over the past few years. While the technical capability to attack has declined, hacking tools both simple and comprehensive are themselves evolving rapidly. Certain approaches are necessary to protect a system from cyber threats. This work engages with comprehensive penetration testing in order to find vulnerabilities in the Windows Server and exploit the...
متن کاملConcurrent Web-Programming in CLP(WEB)
Recent research has placed emphasis on the need for support for concurrency in the context of programming for the World-Wide Web (W3). Frameworks like WebL, LogicWeb, and Jinny make concurrency a key component of their W3 support. In this work we analyze the concurrent capabilities of CLP(WEB), a W3-oriented logic-based concurrent framework. CLP(WEB) offers two forms of concurrency, or-concurre...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1306.6839 شماره
صفحات -
تاریخ انتشار 2013