Page 69 - Hands-On Bug Hunting for Penetration Testers
Preparing for an Engagement Chapter 3
Questions
1. What's a good tool for finding hidden directories and secret files on a site?
2. How and where can you find a map of the site's architecture? How can you
create one if it's not already there?
3. How can you safely create a map of an application's attack surface without using
scanners or automated scripts?
4. What's a common resource in Python for scraping websites?
5. What are some advantages to writing scripts according to the Unix philosophy
(single-purpose, connectable, built around text)?
6. What's a good resource for finding XSS submissions, SQLi snippets, and other
fuzzing inputs?
7. What's a good resource for discovering DNS info associated with a target?
Further Reading
You can find out more about some of the topics we have discussed in this chapter at:
SecLists: https://github.com/danielmiessler/SecLists
Measuring Relative Attack Surfaces: http://www.cs.cmu.edu/~wing/publications/Howard-Wing03.pdf
XSScrapy: http://pentestools.com/xsscrapy-xsssqli-finder/