Hi Friends today I will explain you about how to check the Methods while performing the Web Application vulnerability Assessment using Burp Suite.
1) First setup proxy to your Browser and connect with burp.
2) Now intercept the request of your URL.
3) Send that Request to Repeater.
4) Now you have to Replace all the Methods that are available and check the response if you are getting 200 ok as response code then it means the server accepted if not rejected.
The Methods that should not be allowed or disabled in the Application are following.
1)PUT
2)DELETE
3)CONNECT
4)TRACE
If any of the above methods are enabled then it might be vulnerable.
If you want to know what all methods are enabled then you need to check with OPTIONS method that it will list all the methods that are enabled in the web server.
How to check the Arbitrary HTTP Methods:
use HEAD, JEFF and CATS sometimes it would be treated as a GET request if these methods are allowed then it is Vulnerable.
I hope this will be very useful to you Thankyou. If you have any doubt you can comment me there I will reply you.
1) First setup proxy to your Browser and connect with burp.
2) Now intercept the request of your URL.
3) Send that Request to Repeater.
4) Now you have to Replace all the Methods that are available and check the response if you are getting 200 ok as response code then it means the server accepted if not rejected.
The Methods that should not be allowed or disabled in the Application are following.
1)PUT
2)DELETE
3)CONNECT
4)TRACE
If any of the above methods are enabled then it might be vulnerable.
If you want to know what all methods are enabled then you need to check with OPTIONS method that it will list all the methods that are enabled in the web server.
How to check the Arbitrary HTTP Methods:
use HEAD, JEFF and CATS sometimes it would be treated as a GET request if these methods are allowed then it is Vulnerable.
I hope this will be very useful to you Thankyou. If you have any doubt you can comment me there I will reply you.
