So I have noticed that web hacking has been popular lately. A lot of them make a lot of money etc. However, after a little bit of research. I found that there is already software that scans for exploits. So I’m wondering if I’m missing something in the process?
Enumeration.
Enumeration is the name of the game in any exploitation. Look through and find everything, analyze everything, note down everything. Explore every scenario. Leave no stone unturned.
Skids runs scripts, hackers enumerate and they may use tools to aid them. That’s the difference.
So they also use tool but try in every scenario they could??
Automated tools aren’t meant to do all the work for a hacker/pentester/bug hunter, they make their job faster and a bit easier when possible, but they aren’t suited to completely replace manual inspection by any means, the two of them need to get along and complement each other.
Take fuzzing for example, we use fuzzing tools to analyze the behavior of a program when special malformed data is given to it as input, with the intent of finding and triggering security flaws. It’s a job that could be done manually for sure, but it would be incredibly tedious and could waste a lot of your time, which as a security professional could be used in much better ways. So instead you use a program that’s been coded, tested, and improved for years just to do that one job, and if you find something interesting you can analyze it further and come to an exploit after a lot of manual inspection (assisted by other programs like debuggers) to understand how the flaw works and how you can take advantage of it, these are things that an automated tool can’t do for you, and that’s where experience and skill come to play.
The same thing applies to vulnerability scanners, you can buy the best professional scanner on the market, but if you don’t know how to tune it correctly, or read its output, what are you gaining from it exactly? It’s also important to note that scanners are used to identify security issues but they don’t exploit them for you, and those which try to do it aren’t as reliable as a human doing it himself, if you want to do a good job at reporting a security issue you must demonstrate how that flaw can be exploited, provide some proof that it could be a danger, document it, study it. Can the scanner do that for you? No, it will only tell you “hey I think I found a code injection flaw here, double check by yourself to be sure and see what you can do with it”.
6 Likes
nice explanation. Thanks!
No, they use GUI applications to detect web exploits.
This topic was automatically closed after 30 days. New replies are no longer allowed.