The Nen-Book
  • Whoami
  • Write-ups
    • Intigriti 1337Up 2024
      • Intigriti 1337Up 2024-CTF OSINT Challenges
      • Intigriti 1337Up Live 2024-CTF Web Challenges
    • CyCTF Quals 2024
      • OSINT Challenges CyCTF Quals 2024
      • Old Friend OSINT Challenge CyCTF 2024 Quals Writeup
    • PicoCTF
      • PicoCTF 2024 Web Exploitation Challenges
      • PicoCTF 2024 General Skills Challenges
      • PicoCTF 2021 Web Exploitation Challenges Walkthrough
      • PicoCTF 2019 Web Exploitation Challenges
  • πŸ•ΈοΈWeb_AppSec πŸ•ΈοΈ
    • Web_Recon
    • ATO
    • Backend_Technology_Tips
    • XSS
    • SSRF
    • CSRF
    • XXE
    • SSTI
    • Insecure_Deserialization
    • Open_Redirects
    • Information_Disclosures
    • Rate_Limiting
    • Clickjacking
    • Broken Access Control & IDORS
    • Bash_Scripting
    • Authentication_Vulnerabilities
    • App_Logic_Errors
  • πŸ“ΊNetwork_Pentesting πŸ“Ί
    • Scanning & Enumeration
    • Active_Directory
      • AD_Overview_&_ Lab Build
      • AD_Initial_Attack_Vectors
      • AD_Post-Compromise_Enumeration
      • AD_Post-Compromise_Attacks
    • Buffer_Overflow_Attacks
    • Web_Applications
    • Privilege_Escalation
  • 🌩️Cloud_Security 🌩️
    • AWS Pentesting
  • 🀡APISec 🀡
    • API_Recon
    • Broken_Access_Control & Info_Leaks
  • πŸ”¬Code_Review πŸ”¬
    • Source_Code_Review_101
    • Code Review Tools
  • 🐝Bug_Bounty 🐝
    • Picking_A_BugBounty_Program
    • Writing_A_Good_Report
  • πŸ“‘Purple Teaming & MITRE ATT&CK πŸ“‘
    • Introducing the ATT&CK Framework
    • MITRE Engenuity
    • Threat-Informed Defense
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
  1. Web_AppSec πŸ•ΈοΈ

Backend_Technology_Tips

.NET

Information Gathering

  • Cookie (ASP.NET_SessionId, ASPXAUTH)

  • Server Headers

  • ViewState

  • Response Header (X-Powerded-By, X-AspNet-Version)

  • Error Messages

Vulnerabilities

  • Low Hanging Fruits

  • Server Information Disclosure

  • Lack of Security Headers

  • IIS Default Page Disclosure

  • Improper Error Handling

  • ASP.NET Debugging Enabled

  • Directory Listing

  • ASP.NET ViewState Vulnerabilities

Improper Error Handling - .NET

ASP.NET Debugging Enabled - .NET

Server Information Disclosure - .NET

IIS Default Page Disclosure - .NET

ASP.NET ViewState Vulnerabilities

  • MAC Disabled

  • MAC Enabled (encryption key via brute-force)

  • Web config file

Node.js

Information Gathering

  • Cookie (connect.sid)

  • Server Headers

  • Response Header (X-Powerded-By)

Vulnerabilities

SQL Injection - Node.js:

XSS - Node.js

Improper Authentication and Authorization – Node.js

IDOR - Node.js

Java

Information Gathering

  • Cookie (JSESSIONID)

  • Server Headers (Tomcat, WebLogic, JBoss)

  • Endpoints (JSP)

  • Response Header (X-Powerded-By:Servlet)

  • Error Messages

PreviousATONextXSS

Last updated 4 months ago

πŸ•ΈοΈ
  • .NET
  • Information Gathering
  • Vulnerabilities
  • Node.js
  • Information Gathering
  • Vulnerabilities
  • Java
  • Information Gathering