How to use Comments and Metadata Information to Gather Intelligence for Penetration Testing

May 11, 2021 No Comments Cyber defense, cybersecurity, Online security, Penetration testing, Pentest, System security admin

The head section of web pages contains troves of information that can be used to ensure that the site is efficiently crawled or positioned for search engine optimization. There is information about the name of the author, the description of the page, and the language used on the web page.
Some sites have information about the Twitter account, the URL address where the images are hosted, about other relevant URL addresses that are connected to the website.

I have viewed some source files that contained information about the forms and the input section of the form. For sites that use Google Analytics, you will see information about the Google Analytics account. Other types of information you may find by investigating the source file may include the name and type of third-party framework. All these types of information that I mentioned can provide a lead for a malicious hacker. If your web page reveals some of the types of information I mentioned here, you may need to take remediated action to ensure that no vulnerable information is exposed.

Previous Post Next

Tags

cyber defense cybersecurity cybersecurity awareness cybersecurity tips defensive cyber defense Elearning Elearning podcast Elearning technology ethical hacking metadata remote work

admin

Use Defensive Cybersecurity to Mitigate Cyber attack July 28, 2021

The Human Factor in a Ransomware Attack Part-2 June 17, 2021

Gathering Penetration Testing Intelligence from Network and Application Platform Configuration June 1, 2021

Security Implication of Web Frameworks May 18, 2021

How to Use Robots.txt File to Gather Intelligence for Penetration Testing April 27, 2021

Gathering Information for Penetration Testing Using Search Engines Discovery and OWASP ZAP April 20, 2021

Penetration Testing Information Gathering for Web Server Fingerprinting April 15, 2021

Approaches to Penetration Testing April 7, 2021

Tool Selection for Penetration Testing March 23, 2021

Selection of Tools for Penetration Testing June 30, 2020

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

iDigital classroom

How to use Comments and Metadata Information to Gather Intelligence for Penetration Testing

How to use Comments and Metadata Information to Gather Intelligence for Penetration Testing

Leave a reply
Cancel reply

How to use Comments and Metadata Information to Gather Intelligence for Penetration Testing

How to use Comments and Metadata Information to Gather Intelligence for Penetration Testing

Leave a reply Cancel reply

Leave a reply
Cancel reply