Pentesting and Red Teaming Notes

Information disclosure

Information disclosure occurs when a website unintentionally reveals sensitive information to its users, such as:

  • Data about other users such as usernames or financial information

  • Sensitive business data

  • Technical details about the website and its infrastructure

Disclosed information of this kind can provide the missing piece of the puzzle when trying to construct complex, high-severity attacks.

Some basic examples of information disclosure are as follows:

  • Revealing the names of hidden directories, their structure, and their contents via a robots.txt file or directory listing

  • Providing access to source code files via temporary backups

  • Explicitly mentioning database table or column names in error messages

  • Unnecessarily exposing highly sensitive information, such as credit card details

  • Hard-coding API keys, IP addresses, database credentials, and so on in the source code

  • Hinting at the existence or absence of resources, usernames, and so on via subtle differences in application behavior

  • Using Google dorks to find specific file types, e.g. site:bank.com filetype:xlsx or site:pastebin.com "mysql"

  • Finding information on Shodan, Censys, GitHub, GitLab, Bitbucket, Pastebin, CodePen
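
A defender-side check for several of the items listed above (robots.txt paths, backup files, schema names in error messages, hard-coded keys and IP addresses), meant to be run over your own site's files and responses. This is an added example, not part of the original notes; the regular expressions, category names and sample artifacts are assumptions constructed for illustration.

```python
import re

# Illustrative patterns (assumptions), one per disclosure category from the list above.
BACKUP_NAME = re.compile(r"(~|\.bak|\.old|\.orig|\.swp)$", re.IGNORECASE)
DB_ERROR = re.compile(r"(?:unknown column|table) '([\w.]+)'", re.IGNORECASE)
HARDCODED = re.compile(
    r"(api[_-]?key|secret|password|passwd)\s*[:=]\s*['\"]([^'\"]{6,})['\"]", re.IGNORECASE)
PRIVATE_IP = re.compile(r"\b(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))\.\d{1,3}\.\d{1,3}\b")


def audit(name, body):
    """Return sorted (category, evidence) findings for one file or response body."""
    findings = set()
    if BACKUP_NAME.search(name):
        findings.add(("backup-file", name))
    if name.endswith("robots.txt"):
        for line in body.splitlines():
            field, _, value = line.partition(":")
            path = value.split("#")[0].strip()  # drop trailing comments
            if field.strip().lower() == "disallow" and path not in ("", "/"):
                findings.add(("robots-path", path))
    for m in DB_ERROR.finditer(body):
        findings.add(("db-schema-in-error", m.group(1)))
    for m in HARDCODED.finditer(body):
        # Report only the variable name, never the secret value itself.
        findings.add(("hardcoded-secret", m.group(1).lower()))
    for m in PRIVATE_IP.finditer(body):
        findings.add(("internal-ip", m.group(0)))
    return sorted(findings)


# Constructed sample artifacts; every name and value here is made up.
SAMPLES = {
    "robots.txt": "User-agent: *\nDisallow: /admin-old/\nDisallow: /backup/ # temp\nDisallow: /\n",
    "error.html": "<p>SQLSTATE[42S22]: Unknown column 'users.pwd_hash' in 'field list'</p>",
    "config.php.bak": "<?php $api_key = \"EXAMPLE-NOT-A-REAL-KEY\"; $db = '10.0.3.7'; ?>",
    "index.html": "<h1>Welcome</h1>",
}


def audit_all(samples):
    return {name: audit(name, body) for name, body in samples.items()}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLES).items():
        for category, evidence in findings:
            print(f"{name}: {category}: {evidence}")
```

Each finding maps to a fix: remove the backup file from the web root, replace verbose database errors with a generic message, and move keys and internal addresses out of served source.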


Last updated 1 year ago