Web application security - the fast guide 1.1

Chapter 4 - Be the attacker P a g e | 68 time invested in Mapping and analysis phases this is why the attacker needs to cover his trace and minimize the attack detection possibility. Trace coverage is a process that should begin with mapping phase and finalize the whole process. 4.4 Mapping Network Mediators DNS Server OS Mapping Infrastructure Functionalities Workflow Components Data Mapping Application Mapping includes all tasks done for the purpose of collecting information about application and infrastructure of the potential victim. Mapping infrastructure: mapping infra structure includes collecting information about servers’ networks operating systems and DNS entries of the potential victim. Mapping Application: this includes creating a full profile for the application comprising functionalities, components, flow and data. We will cover those main tasks focusing on application mapping more than infra structure due to the subject scope. 4.5 Mapping infrastructure Even though that mapping infra structure is outside our course scope but it is vital to remind with some of the main practices and tools that can be used in that phase

Web application security - the fast guide 1.1 | Page 68