Enumerate externally facing software applications technologies, languages, and dependencies

Software applications will be built using different technologies, languages, and dependencies. This information may reveal vulnerabilities or opportunities to an adversary. [1] [2] [3]

ID: T1261

Tactic: Technical Information Gathering

Version: 1.0

Detection

Detectable by Common Defenses (Yes/No/Partial): Yes

Explanation: Impossible to differentiate between an adversary and a normal user when accessing a site to determine the languages/technologies used. If active scanning tools are employed, then the defender has the ability to detect. However, this is typically not acted upon due to the large volume of this type of traffic and it will likely not prompt the defender to take any actionable defense. Defender review of access logs may provide some insight based on trends or patterns.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Basic interaction with the site provides insight into the programming languages/technologies used for a given web site. Additionally many of the active scanning tools will also provide some insight into this information.

References

  1. Paul Ionescu. (2015, April 8). The 10 Most Common Application Attacks in Action. Retrieved March 5, 2017.
  2. Gregory Leonard. (2016, February). Getting Started with Web Application Security. Retrieved March 5, 2017.
  1. SANS Institute. (2011, June 27). CWE/SANS TOP 25 Most Dangerous Software Errors. Retrieved March 5, 2017.