Kamis, 29 Maret 2012

Mapping The Application

the first steep in process of attacking the application is gathering and some key information about it to gain a better understanding what are you up against. the mapping exercise begins by enumerating the application content and functionality to understand what the web application does and how it behaves. much of this functionality is easy to identify, but some of it maybe hidden, requiring a degree of guesswork and lucky discover.




  • Enumerating Content and Functionality 
In a typical web application, the majority of content and functionality can be identified via manual browsing.
as shown below :