fbpx

url

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario?

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in …

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario? Read More »

Google

You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use?

You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use? Option 1 : inurl Option 2 : site Option 3 : ext Option 4 : filetype 1. inurl Find pages with a certain word (or words) in the url. For this example, any results containing the word “apple” …

You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use? Read More »