Module 3 – Information Gathering
Module 3 covers the Information Gathering process. This is where the security tester gains an understanding of the web application and collects useful information for the testing process.
It covers the following:
- Gathering Information on a target – WHOIS, DNS, Nslookup etc.
- Fingerprinting the web server
- Enumerating sub-domains
- Fingerprinting frameworks and applications
- Enumerating resources
- Finding hidden files
- Google Hacking