Performing information gathering
We are going to start collecting information about the targets. The most basic way to detect information about the technology used in a specific application and to determine potential security issues is to first navigate all through the application, use the normal flows, detect and take note of each entry point in the application, and add the different URLs that are interesting to us to the Scope option in the Target tool.
Port scanning
In a real assessment, an agreement between the person or company that is reviewing the application and the application's owners is established. This is one of the first steps involved in detecting the services.
This task is usually carried out using Nmap (https://nmap.org/), which is a command-line tool that is used to detect ports and services running on a remote host. Using Nmap is not complicated; you can just type nmap
on a command line to see all the different options we have, as shown in the following screenshot:
To perform...