Preparing for an Engagement                                                 Chapter 3

            Spidering and Other Data-Collection Techniques

            Parallel to brute-forcing for sensitive assets, spidering can help you get a picture of a site
            that, without a sitemap, just brute-forcing itself can't provide. That link base can also be
            shared with other tools, pruned of any out-of-scope or irrelevant entries, and subjected to
            more in-depth analysis. There are a couple of useful spiders, each with its own advantages.
            The first one we'll cover, Burp's native spider functionality, is obviously a contender
            because it's part of (and integrates with) a tool that's probably already part of your toolset.


            #VSQ 4QJEFS
            To kick-off a spidering session, make sure you have the appropriate domains in scope:
















































                                                    [ 39 ]