Gathering Information for Penetration Testing Using Search Engines Discovery and OWASP ZAP

Gathering Information for Penetration Testing Using Search Engines Discovery and OWASP ZAP
April 20, 2021 No Comments Cyber defense, cybersecurity, Online security, Penetration testing, System security admin

Using a search engine discovery is another great option for gathering intelligence about a penetration testing target. A search engine query can be direct or indirect. The direct method is where the search engine can be sued to dig into the indexes and contents from caches. The indirect method is where sensitive information such as the design and configuration of the website could be assessed by searching about the target in forums or social media sites.
To proceed with trying to understand how to find out of there is a sensitive design and configuration vulnerability in an application or a website, try to use some of the search engines such as Chrome, Baidu, Bing, Duck Duck Go, and Punkspider.

Tags

Leave a reply

Your email address will not be published.