Looking for good strategy for Pentesting Decentralized WebApp

[jaroule]

hello Xss team,

im actually looking for someone who can provide a good strategy for pentesting Dapp such as Web app parsing (URL parsing),Google,Shodan Dork, ,then best way to scan for vulnerabilities such as burpsuite pro also ways to bypass Cloudflare.

thanx in advance

 

[kif1r]

for cloudflare bypass you can try the cloudfail git project(searches old dns records and crimeflare DB).
for scanning web vuln you can try either crawling through burpsuite, and sqlmap all parameters.
or you can try running checkers like Nuclei on git or nikto from kali.
but if you want a really good scanner fofa[.]info would be your best shot )

 

[jaroule]

for cloudflare bypass you can try the cloudfail git project(searches old dns records and crimeflare DB).
for scanning web vuln you can try either crawling through burpsuite, and sqlmap all parameters.
or you can try running checkers like Nuclei on git or nikto from kali.
but if you want a really good scanner fofa[.]info would be your best shot )

thank you so much dude really appreciate your post

 

[akriosss47]

Something like this? https://www.mindmeister.com/ru/1748098748/web-app-pentest?fullscreen=1

 

[jaroule]

Something like this? https://www.mindmeister.com/ru/1748098748/web-app-pentest?fullscreen=1

mmmm nice schema but we need something more powerfull with tools for parsing vuln web app and strategy for pentesting especially decentralized one