Identifying hidden contents
Practically speaking, the big question that you will ask yourself is, what do I need to find? You will need a solid checklist to refer to when it's time for your web intrusion test. That being said, here's a checklist that you can use for this step in the workflow:
Robots.txt
file- Backup files (
.bak
,.old
) - Other interesting files (
.xls
,.doc
,.pdf
,.txt
) - Administration URL (for example,
phpmyadmin, wp-admin
) - Debugging leftover pages and URLs
- Is CMS used? (WordPress)
If you find any item in the preceding list, check its contents for juicy information, including:
- Personal information
- Email addresses
- Credentials
- An entry point to another system (for example, WordPress)