Web Recon
Gotta love the internet
Fuzz for backdoors and params
Find & Enum
This is the step after port scanning has turned up web servers.
Brute force directories
Using ffuf
Login & Authentication brute force
HTTP Basic Authorization Header Brute Force
Basic authorization is... basic. A username and a password, separated by a colon, are encoded in Base64 and sent as-is; there is no encryption involved. The screenshot below demonstrates the credentials admin:admin being sent through the Authorization header of an HTTP request.
ProTip: You can (and should) always test first with a set of known-valid credentials and confirm that the server accepts them, so you know what a successful response looks like before judging any other result.
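To make the "Basic is just Base64" point concrete, here is an added example (not code from the original page) that builds and parses an `Authorization: Basic` header value. The `admin:admin` pair comes from the text above; the function names `build_basic_auth` and `parse_basic_auth` are my own. It handles the edge cases a parser needs to get right: a wrong scheme, malformed Base64, a missing colon, and a password that itself contains colons (RFC 7617 only forbids colons in the user-id).

```python
import base64
import binascii
from typing import Optional, Tuple


def build_basic_auth(username: str, password: str) -> str:
    """Build an Authorization header value the way a client does: base64("user:pass")."""
    raw = f"{username}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def parse_basic_auth(header_value: str) -> Optional[Tuple[str, str]]:
    """Recover (username, password) from a 'Basic ...' header value.

    Returns None when the value is not a well-formed Basic credential.
    Nothing here is secret: anyone who can read the header can read the
    password, which is why Basic auth is only acceptable over TLS.
    """
    parts = header_value.strip().split(None, 1)
    if len(parts) != 2 or parts[0].lower() != "basic":
        return None  # wrong or missing scheme (e.g. "Bearer ...")
    try:
        decoded = base64.b64decode(parts[1], validate=True).decode("utf-8")
    except (binascii.Error, ValueError, UnicodeDecodeError):
        return None  # not valid Base64, or not valid UTF-8 once decoded
    # RFC 7617: the user-id may not contain ':', so split on the first colon only;
    # everything after it is the password, colons included.
    if ":" not in decoded:
        return None
    username, password = decoded.split(":", 1)
    return username, password


if __name__ == "__main__":
    # Constructed header value for the admin:admin pair mentioned in the text.
    header = build_basic_auth("admin", "admin")
    print(header)                      # Basic YWRtaW46YWRtaW4=
    print(parse_basic_auth(header))    # ('admin', 'admin')
```

The takeaway for a defender is that the header in a packet capture or proxy log is the credential; protect the transport and the logs accordingly.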
HTTP Post form Brute Force
Most of the time, authentication is done via a form posted to the web server. You can try to brute force it, but watch out for CSRF tokens. To check whether one is in play, try sending the same request twice using Burp: if the second copy is rejected, the token is single-use and each attempt needs a fresh one.
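For the server side of that behaviour, here is an added example (my own code, not from the original page) of a login handler with per-session, single-use CSRF tokens, which is exactly why replaying an identical POST fails. The class `CsrfTokenStore`, the handler `handle_login_post`, and the user table are constructed for illustration.

```python
import hmac
import secrets
from typing import Dict, Set


class CsrfTokenStore:
    """Issue per-session, single-use CSRF tokens and validate posted forms.

    A token is bound to the session that rendered the form and is consumed on
    first successful use, so a second POST carrying the same token is rejected.
    """

    def __init__(self) -> None:
        self._tokens: Dict[str, Set[str]] = {}

    def issue(self, session_id: str) -> str:
        token = secrets.token_urlsafe(32)
        self._tokens.setdefault(session_id, set()).add(token)
        return token

    def validate(self, session_id: str, submitted: str) -> bool:
        """Return True exactly once for a matching (session, token) pair."""
        live = self._tokens.get(session_id, set())
        # Constant-time comparison against each live token instead of `submitted in live`.
        for token in list(live):
            if hmac.compare_digest(token, submitted):
                live.discard(token)  # consume it: a replay of this form now fails
                return True
        return False


# Constructed user table; a real application would store salted password hashes.
USERS = {"admin": "correct horse battery staple"}


def handle_login_post(store: CsrfTokenStore, session_id: str, form: Dict[str, str]) -> int:
    """Return an HTTP status: 403 on CSRF failure, 401 on bad credentials, 200 on success.

    The CSRF check runs first, so a replayed request never reaches the
    credential check at all and tells you nothing about the password.
    """
    if not store.validate(session_id, form.get("csrf_token", "")):
        return 403
    expected = USERS.get(form.get("username", ""))
    if expected is None or not hmac.compare_digest(expected, form.get("password", "")):
        return 401
    return 200


if __name__ == "__main__":
    store = CsrfTokenStore()
    token = store.issue("sess-1")
    form = {"csrf_token": token, "username": "admin", "password": "wrong"}
    print(handle_login_post(store, "sess-1", form))  # 401: token accepted, password wrong
    print(handle_login_post(store, "sess-1", form))  # 403: same token replayed, rejected first
```

Note the ordering: because the token is consumed before credentials are examined, the second identical request is indistinguishable from one with no token at all, which is the behaviour the "send it twice" check above is looking for.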