Gathering Information

Here are some key pieces of information that a security expert usually gathers about a website:

1. Related domains and subdomains

2. Technology and programming languages being used

3. Cached pages

4. Website history

5. Publically indexed files on search engines

6. Default pages and login forms

7. Related IP addresses

8. Other services running on those IP addresses

9. Version of the services/softwares being used

10. Publicly disclosed vulnerabilities in the softwares being used

11. Default users

12. Default passwords

13. Valid email address and usernames

PreviousGathering Information About WebsitesNextGathering Targeted Information

Last updated