Tuesday, June 9, 2020

How to check Methods in web Application vulnerability Assesment

Hi Friends  today I will explain you about how to check the Methods while performing the Web Application vulnerability Assessment using Burp Suite.



1) First setup proxy to your Browser and connect with burp.

2) Now intercept the request of your URL.

3) Send that Request to Repeater.

4) Now you have to Replace all the Methods that are available and check the response if you are getting 200 ok as response code then it means the server accepted if not rejected.


The Methods that should not be allowed or disabled in the Application are following.


1)PUT

2)DELETE

3)CONNECT

4)TRACE

If any of the above methods are enabled then it might be vulnerable.


If you want to know what all methods are enabled then you need to check with  OPTIONS  method that it will list all the methods that are enabled in the web server.


How to check the Arbitrary HTTP Methods:


use HEAD, JEFF and CATS sometimes it would be treated as a GET request if these methods are allowed then it is Vulnerable.

I hope this will be very useful to you Thankyou.  If you have any doubt you can comment me there I will reply you.

Top 10 Free AI Tools in 2024: Boost Your Productivity and Creativity

In today's rapidly evolving digital landscape, artificial intelligence (AI) has become an indispensable asset for professionals, creativ...