Tag: Security

Business

Optimizing ZAP Scan

Overview Is your ZAP scan taking hours to complete? Maybe even a day or two? Not everyone has the luxury to wait for a 24hr ZAP scan to complete. This is the problem many people face and is what we will be tackling. In this article, we will discuss the variables that affect the duration of the scan and how to optimise ZAP scans. Optimise ZAP Scans - What Affects a ZAP Scan? Server Hardware and network are one factor that affects the speed of a ZAP scan. So you could get better equipment, but the target equipment is also another factor that we can't control. Thus, let's focus on the configuration of the ZAP application itself. When running an automated scan, there are 2 things that occur, the spidering (which is also part of the passive scan) and the active scan. Each of these co...
Business

ZAP Command Line

ZAP is mostly executed from the GUI, but ZAP can also be executed from the command line. This is great if you want to run a quick scan on your target or want to automate it. If you haven't read How to use OWASP ZAP - Open Source Vulnerability Scanner, I suggest you read it first to have a better understanding of ZAP before moving on to the command line. ZAP Command Line (CLI) Executing ZAP from the command line is limited as you will not be able to specify anything using the command line arguments alone. This means you may not be able to use other scanning features such as fuzzing, ajax spidering, brute force, etc. You can specify some variables by using the -autorun command with an automation file from the automation framework. You can read more about that in How to Autom...
Business

How to use OWASP ZAP – Open Source Vulnerability Scanner

Overview OWASP ZAP is an open-source web application vulnerability scanner that runs on Java 11+. It has features such as spidering, passive scanning, active scanning, fuzzing, automation, API and more. ZAP is available on operating systems such as Windows, Linux, Mac and cross platforms. You can download ZAP from here. If you are using Kali Linux, it comes preinstalled. In this article, we will discuss how to use ZAP, its features and results to take note of. How to use ZAP ZAP can be executed through the Automated Scan or the Manual Explore option. Automated Scan This method is an automatic scan. It is the main feature of ZAP. First, enter the URL to attack, and select a spider to use (traditional or ajax). Next, click attack and let it run to comp...
Business

Ffuf – URL Directory Finder/Fuzzer

Overview Ffuf (Fuzz Faster U Fool) is a URL Fuzzer (a.k.a. URL Directory Finder/Browser). This tool can discover hidden, sensitive or vulnerable files and routes in web applications and servers. Essentially, you give the tool a wordlist and it will brute force directories, showing if it is a valid directory or not. And conveniently, it comes preinstalled on Kali Linux installations. Some tools similar to Ffuf are: Wfuzz (very similar to Ffuf) Dirb (single thread only) Dirbuster (has a GUI but often crashes) Gobuster Generally, they all do the same thing, with slight differences like: The reliability of the tool (the tool crashing) The efficiency of the tool (single thread vs multi-thread) The options provided (filtering capabilities) Th...
Business

Wappalyzer – Website Technology Identifier

Overview In the information-gathering stage of penetration testing, we must know the technologies used by the target so that we can plan our attacks. One tool that can help with this is Wappalyzer, a website technology identifier. Wappalyzer is a tool that identifies technologies used on a website, such as CMS, web frameworks, eCommerce platforms, JavaScript libraries, analytics tools and more. It is also fast and easy to use. Wappalyzer is a free tool but more advanced services like access to their API require a monthly subscription. Fortunately, Wappalyzer is an open-source project, so you can download their code from their GitHub. How to use Wappalyzer Wappalyzer lookup The simplest way to use Wappalyzer is through their website lookup page. Simply input the URL of...
Availability, Security

Android VS IOS Which One is Better For You

Because mobile devices have become so ingrained in our lives, picking a secure platform in the face of a constantly evolving threat landscape is absolutely essential. Because mobile devices store so much of our personal information, choosing a secure smartphone is essential if you want to avoid malware, hack assaults, and data breaches. Since Android and iOS are the most widely used mobile operating systems, there has long been controversy around them. The fact that Android smartphones continue to be popular despite being perceived as "unsecure" is undoubtedly what fuels the debate. Android possesses 75% of the market share. Apple phones, on the other hand, only account for 21% of the market. Why then do Android phones continue to be widely used despite their dubious security reputation? Is iO...
Business

DNSrecon – DNS Reconnaissance for Pentesting

Overview The first stage of penetration testing is reconnaissance (information gathering). One method of reconnaissance is by gathering the target's DNS information, such as DNS records and DNS servers. This information can be used to piece together the network infrastructure of an organization. Additionally, it does not trigger an alert from the organisation's firewall or IDS/IPS. A tool that helps us accomplish this is DNSrecon. As the name implies, DNSrecon is a DNS reconnaissance tool that can extract DNS-related information from a website/domain. Here is a list of its features (according to the source repository): Check all NS Records for Zone Transfers. Enumerate General DNS Records for a given Domain (MX, SOA, NS, A, AAAA, SPF and TXT). Perform common S...
Business

5 Popular Open Source Tools for Reconnaissance

Overview In penetration testing, reconnaissance (information gathering) is the first step to analyse the target and explore its attack surface. It is a crucial step to determine the ways that the target could be exploited. In this article, we will explore the 5 essential and popular open-source tools for reconnaissance for penetration testing. We will be covering the following tools: Wappalyzer - Website Technology Identifier DNSrecon - DNS-related information gathering Sublist3r - Subdomain finder theHarvester - Email Finder (for social engineering) Ffuf - URL Fuzzer/Finder Wappalyzer Wappalyzer is software that identifies technologies in a web application such as CMS, web frameworks, eCommerce platforms, JavaScript libraries, analytics tools and more....