PRACTICAL NO. 6

Aim: To perform exploitation-related analysis on web-based applications using security assessment tools.

Procedure: Exploiting Web-Based Applications

Step 1: WAF Detection Using Nmap
Run the Nmap HTTP WAF detection script to identify the presence of a Web Application Firewall.

    sudo nmap -vv -p 80 --script http-waf-detect www.testfire.net

Step 2: WAF Detection Using Wafw00f
Identify the Web Application Firewall protecting the target website.

    wafw00f https://demo.owasp-juice.shop/

Step 3: Load Balancer Detection
Check whether the target website is behind a load balancer.

    sudo lbd www.hdfcbank.com

Step 4: WordPress Vulnerability Scan
Scan a WordPress website for known vulnerabilities using WPScan.

    wpscan --url https://wpdemo.net/

Step 5: Install HTTrack
Install the HTTrack website mirroring tool.

    sudo apt install -y httrack

Step 6: Website Mirroring
Download a local copy of the target website using HTTrack. The URL comes first; -O names the output directory.

    httrack www.testfire.net -O testfire

Step 7: Navigate to Downloaded Files
Change directory to the mirrored website folder.

    cd testfire

Step 8: List Downloaded Files
Display all files downloaded by HTTrack.

    ls

Step 9: Install DirBuster
Install the DirBuster directory brute-forcing tool.

    sudo apt install -y dirbuster

Step 10: Run DirBuster
Launch DirBuster to enumerate hidden directories and files on the target website.

    dirbuster
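
Seen from the server side, the scans in Steps 1 to 10 leave traces in the web access log. The following added example (not part of the original practical) checks Combined Log Format lines for the default User-Agent strings of Nmap NSE, WPScan, HTTrack and DirBuster, and for one client requesting many distinct missing paths. The log lines, the threshold and the function names are constructed for illustration, and the User-Agent check assumes the tools run with their default settings.

```python
import re
from collections import defaultdict

# Substrings of the default User-Agent headers of the tools used in this practical.
# Assumption: defaults are unchanged; a customised User-Agent will not match.
TOOL_UA = {"nmap scripting engine": "nmap-nse", "wpscan": "wpscan",
           "httrack": "httrack", "dirbuster": "dirbuster"}

# Combined Log Format: ip ident user [time] "METHOD path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def analyse(lines, threshold=5):
    """Return {ip: finding} for clients that look like scanners or mirroring tools."""
    tools, misses = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        ua = m["ua"].lower()
        for needle, name in TOOL_UA.items():
            if needle in ua:
                tools[m["ip"]].add(name)
        if m["status"] == "404":
            misses[m["ip"]].add(m["path"])  # distinct paths, so retries do not count twice
    findings = {}
    for ip in set(tools) | set(misses):
        enumerating = len(misses[ip]) >= threshold  # behaviour check, independent of the UA
        if tools[ip] or enumerating:
            findings[ip] = {"tools": sorted(tools[ip]), "path_enumeration": enumerating,
                            "distinct_404": len(misses[ip])}
    return findings

def _line(ip, path, status, ua):  # helper that builds one constructed log line
    return f'{ip} - - [10/Jan/2025:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'

BROWSER = "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0"
SAMPLE_LOG = [  # constructed sample data using documentation address ranges
    _line("203.0.113.10", "/", 200,
          "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"),
    _line("203.0.113.11", "/index.html", 200, "Mozilla/4.5 (compatible; HTTrack 3.0x; Windows 98)"),
    _line("198.51.100.7", "/favicon.ico", 404, BROWSER),  # ordinary visitor, single 404
    "truncated line without the expected fields",
] + [_line("203.0.113.12", f"/{p}/", 404, BROWSER)       # browser UA, but enumerating paths
     for p in ("admin", "backup", "old", "test", "dev", "tmp")]

if __name__ == "__main__":
    for ip, finding in sorted(analyse(SAMPLE_LOG).items()):
        print(ip, finding)
```

The third client shows why the 404 count matters: it sends a browser User-Agent, so only the path-enumeration check catches it.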