About JSON Web Token
According to official website, JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
Step 2. Pentesting Checklist
| Pentesting Workflow |
- Gather information about the client organization
- Foundation
- Objectives of the Company
- Products
- Employee Information
- Business Partners
- Clients
- Client Organization Premises
- Network Equipments
- Server Room
Information Gathering
Information Gathering
- dnsstuff.com
metgoofil -d kali.org -t pdf -o temp -f kali.html
External Tesing
External Network Penetration Testing
Web Penetration Testing
- web application firewall scan
wafw00f http://ocoretech.com
- Load Balancer Scan
wafw00f http://ocoretech.com
- Website crawling
burp suite
dirb
gobuster
- Website Cloning / Copy
Social Engineering Toolkit (SET)
httrack
httrack <url> -O <output_path>
- SSL Scan
sslscan <url>
- CMS Application Scan
wordpress / drupal or joomla
wpscan -u <url>
wpscan -u <url> --enumerate vp
wpscan -u <url> --enumerate users
- Vulnerabilities Scanner
burpsuite
openvas
- Exploiting SQL injection
sqlmap
- Maintaining Access Web Shell
Weevely (https://github.com/epinna/weevely3)
- Denial of Service attack
Low Orbit Ion Cannon
Internal Pentesting Workflow
- Detectin MITM (man-in-the-middle)
echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t <victim_ip> <gateway_ip>
arpspoof -i eth0 -t <victim_ip> <gateway_ip>
in wireshark
arp.duplicate-address-frame
References: