
Web Server Penetration Testing Checklist

Collecting as much information as possible about an organization, starting with its operating
environment, is the main area to concentrate on in the initial stage of web server pen
testing.

Performing web server authentication testing, use social engineering techniques to
collect information about human resources, contact details and other socially
related information.

Gathering information about the target, use whois database query tools to get
details such as domain name, IP address, administrative details, autonomous
system number, DNS etc.

Fingerprint the web server to gather information such as server name, server type,
operating system, applications running on the server etc. Use fingerprint scanning
tools such as Netcraft, HTTPrecon and ID Serve.

Crawl the website to gather specific information from web pages, such as email addresses.

Enumerate web server directories to extract important information about web
functionalities, login forms etc.

Perform a directory traversal attack to access restricted directories and execute
commands from outside of the web server root directories.
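As an added example (not part of the checklist or the gbhackers article), the defensive counterpart of this step: a Python path resolver that canonicalizes a requested URL path under a web root and rejects anything that would escape it, plus a scan of access-log lines that flags such requests. The web root, the log lines and the function names are assumptions constructed for the example.

```python
import posixpath
import re
from typing import List, Optional
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"  # constructed web root for the example
_REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')  # request line in Common Log Format

def resolve_request_path(web_root: str, request_path: str) -> Optional[str]:
    """Map a URL path onto a file path under web_root.

    Returns the canonical path, or None when the request would escape the
    web root (directory traversal) or contains a NUL byte.
    """
    path = request_path.split("?", 1)[0]   # drop any query string
    path = unquote(unquote(path))          # decode twice: catches %252e -> %2e -> '.'
    if "\x00" in path:                     # NUL-byte truncation tricks
        return None
    path = path.replace("\\", "/")         # treat backslash as a separator too
    root = posixpath.normpath(web_root)
    candidate = posixpath.normpath(posixpath.join(root, path.lstrip("/")))
    # Accept only the root itself or a path strictly beneath it.
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate

def flag_traversal_attempts(log_lines: List[str], web_root: str = WEB_ROOT) -> List[str]:
    """Return the request paths in access-log lines that would escape web_root."""
    flagged = []
    for line in log_lines:
        m = _REQUEST_RE.search(line)
        if m and resolve_request_path(web_root, m.group(1)) is None:
            flagged.append(m.group(1))
    return flagged

# Constructed sample access-log lines (Common Log Format) for demonstration.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /images/logo.png HTTP/1.1" 200 5120',
    '203.0.113.5 - - [10/Oct/2023:13:55:37 +0000] "GET /../../etc/passwd HTTP/1.1" 404 0',
    '203.0.113.5 - - [10/Oct/2023:13:55:38 +0000] "GET /%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 404 0',
    '203.0.113.5 - - [10/Oct/2023:13:55:39 +0000] "GET /docs/../index.html HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for p in flag_traversal_attempts(SAMPLE_LOG):
        print("traversal attempt:", p)
```

Note that `/docs/../index.html` is not flagged: after canonicalization it still lies under the web root, which is the property the resolver checks rather than the mere presence of `..`.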

Performing vulnerability scanning to identify weaknesses in the network, use
vulnerability scanning tools such as HP WebInspect and Nessus, and determine if the system
can be exploited.

Perform a web cache poisoning attack to force the web server's cache to flush its actual
cache content and send a specifically crafted request which will be stored in the cache.

Performing an HTTP response splitting attack to pass malicious data to a vulnerable
application that includes the data in an HTTP response header.

Bruteforce SSH, FTP, and other services' login credentials to gain unauthorized access.

Perform session hijacking to capture valid session cookies and IDs; use tools such
as Burp Suite, Firesheep and JHijack to automate session hijacking.

Performing a MITM attack to access sensitive information by intercepting and altering
the communications between end users and web servers.

Use tools such as Webalizer and AWStats to examine the web server logs.

Source: https://gbhackers.com/web-server-penetration-testing-checklist/
