When performing your reconnaissance, you may come across parts of web applications that will allow you to determine whether or not certain usernames are valid. A prime example of this will be a page that allows you to request a password reset when you have forgotten your password. For instance, if the page asks that you enter your username in order to have a password reset, it may give different responses depending on whether or not a user with that username exists. So, if a username doesn't exist, the page may respond with Username not found
, or something similar. However, if the username does exist, it may redirect you to the login page and inform you that Password reset instructions have been sent to your registered email address
.
Python Web Penetration Testing Cookbook
By :
Python Web Penetration Testing Cookbook
By:
Overview of this book
Table of Contents (16 chapters)
Python Web Penetration Testing Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
Gathering Open Source Intelligence
Enumeration
Vulnerability Identification
SQL Injection
Web Header Manipulation
Image Analysis and Manipulation
Encryption and Encoding
Payloads and Shells
Reporting
Index
Customer Reviews