Map Execution Paths

Check List

Map the target application and understand the principal workflows.

Cheat Sheet

Path

Burp Suite

Mapping a Website with Burp Suite

Burp Suite > Target > Site map > Right Click on One Domain > Engagement tools > Analyze Target

Crawling a Website with Burp Suite

Burp Suite > ِDashbord > New Scan > Use Web app Scan > Use a preset scan mode > Analyze Target in Summary

FeroxBuster

feroxbuster --url $WEBSITE -C 200 -x php

DirSearch

dirsearch -u $WEBSITE -w /usr/share/seclists/Discovery/Web-Content/raft-large-directories.txt –x php

Data Flow

BurpSuite

Burp Suite > Target > Site map > Analyze Three Domain

Race

BurpSuite

Burp Suite > Target > Right Click on One Domain > Extensions > Turbo intruder > send to turbo intruder > Add to WordList path in line "for word in open('/usr/share/dict/words')" > Attack

PreviousIdentify Application Entry Points NextFingerprint Web Application Framework

Last updated 1 month ago

Was this helpful?