Web Application Debugging

• we should first attempt to discover the technology stack in use. Technology stacks generally consist of a host operating system, web server software, database software, and a frontend/backend programming language

• modern browsers include developer tools that can assist in the enumeration process

Debugging Page Content

• File extensions, which are sometimes part of a URL, can reveal the programming language the application was written in (e.g., .php,.jsp,.html)

• Use debugger from Firefox developer tool

• Inspector tool to drill down into specific page content

Inspecting HTTP Response Header and Sitemaps

Tow type of tools:

• Proxy like burpsuite.

• Browser own Network Tool

• Server Header often revel at least the name of web server software

View Response Header using Network Tools

HTTP headers are not always generated solely by the web server. For instance, web proxies actively insert the X-Forwarded-For352 header to signal the web server about the original client IP address.

• Historically, headers that started with “X-” were called non-standard HTTP headers. However, RFC6648353 now deprecates the use of “X-” in favor of a clearer naming convention

• Some examples of non-standard headers include XPowered- By, x-amz-cf-id, and X-Aspnet-Version.

• x-amz-cf-id” header indicates the application uses Amazon CloudFront.

Sitemap and robots.txt

• Sitemaps are another important element we should take into consideration when enumerating web applications. Web applications can include sitemap files to help search engine bots crawl and index their site

• robots.txt excludes URLs from being crawled

curl https://www.google.com/robots.txt