re: If you were tasked to conduct a security audit on a server/database-backed web app, where would you start?


An outside-in pentest. Forget everything you know about the guts and come in from the outside.

  1. This is how malicious actors would approach it
  2. For those purposes, it's functionally meaningless to audit access levels - bad actors never had access to begin with... They create it.

This tool is in my tabs - I haven't used it, but it seems to ball up all the ones I do use. I've been curious about it.


Bingo. Even something as simple as iteratively running nmap, upping the fingerprinting aggressiveness with each run, can be helpful. This can let you know "are they using any scan-detectors to auto-block script-kiddies?" and help you level-set the types of attacks that are likely to work.
