1 Information Gathering

1.1 Conduct Search Engine Discovery Reconnaissance for Information Leakage

1.2 Fingerprint Web Server

1.3 Review Webserver Metafiles for Information Leakage

1.4 Attack Surface Identification

1.5 Review Web Page Content for Information Leakage

1.6 Identify Application Entry Points

1.7 Map Execution Paths Through Application

1.8 Fingerprint Web Application Framework

1.9 Fingerprint Web Application

1.10 Map Application Architecture