Home » Story links » Param's story links

Web Application Footprints and Discovery [ PDF ]

Link: http://www.net-square.com/whitepapers/WebApp_Footprints_Disc...
Points: 604 views User: Param Comments: 0 Comments Tag:

Web application assessment begins with IP address and ports (80/443) – this is very common practice. But there is flaw in this method. What if a web server is running with multiple virtual hosts? In other words, one server is running more than one web application.

In such a scenario, a web application assessment done on such IP/Port combinations may fail and produces partial results. Doing a reverse DNS on the IP and using it as HOST field in HTTP is an option, but may also fail most of the time.

So, where does the solution to this problem lie? The solution lies in the WHOIS information database and DNS server. This paper describes how to fetch this information and follow up with the discovery process for web applications.


Email: Email this Story to a Friend

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.