Scribd Logo
Upload

Welcome to Scribd!

  • BaomatWeb Slide v1.0

    Uploaded by

    Quốc Phong
    6 views42 pages
    This document discusses concepts related to web server security including common web server architectures, attack types like DNS hijacking and response splitting, and methodology for attacking web servers which involves information gathering, footprinting, vulnerability scanning, and exploiting vulnerabilities through techniques such as session hijacking and password hacking. It also lists tools that can be used in web server attacks like Metasploit.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses concepts related to web server security including common web server architectures, attack types like DNS hijacking and response splitting, and methodology for attacking web servers which involves information gathering, footprinting, vulnerability scanning, and exploiting vulnerabilities through techniques such as session hijacking and password hacking. It also lists tools that can be used in web server attacks like Metasploit.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    6 views42 pages

    BaomatWeb Slide v1.0

    Uploaded by

    Quốc Phong
    This document discusses concepts related to web server security including common web server architectures, attack types like DNS hijacking and response splitting, and methodology for attacking web servers which involves information gathering, footprinting, vulnerability scanning, and exploiting vulnerabilities through techniques such as session hijacking and password hacking. It also lists tools that can be used in web server attacks like Metasploit.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 42

    SUMMARIZE WEB SERVER CONCEPTS

    Web Server Operations


    Open-source Web Server Architecture
    IIS Web Server Architecture
    Web Server Security Issues
    Why are Web Servers Compromised
    DEMONSTRATE DIFFERENT WEB SERVER ATTACKS
    DNS Server Hijacking
    DNS Amplification Attack
    DNS Amplification Attack (cont)
    Directory Traversal Attacks
    Web Defacement
    Web Server Misconfiguration
    HTTP Response-Splitting Attack
    Example of an HTTP Response-Splitting Attack
    Web Cache Poisoning Attack
    SSH Brute Force Attack
    Web Server Password Cracking
    Other Web Server Attacks
    Other Web Server Attacks (Cont)
    Other Web Server Attacks (Cont)
    Other Web Server Attacks (Cont)
    EXPLAIN WEB SERVER ATTACK METHODOLOGY
    Web Server Attack Methodology
    Information Gathering
    Information Gathering from Robots.txt File
    Web Server Footprinting/Banner Grabbing
    Web Server Footprinting Tools
    Enumerating Web Server Information Using Nmap
    Website Mirroring
    Finding Default Credentials of Web Server
    Finding Default Content of Web Server
    Finding Directory Listings of Web Server
    Finding Directory Listings of Web Server
    Vulnerability Scanning
    Finding Exploitable Vulnerabilities
    Session Hijacking
    Web Server Password Hacking
    Using Application Server as a Proxy
    Web Server Attack Tools: Metasploit

    You might also like