How can I find security vulnerabilities from 80.port?

Hi Criminal IP forum!
While scanning the ip address of a site using Criminal IP, I found that port 80 is open and can be easily exploited. But I do not know what vulnerabilities can be found in port 80. How can I find security vulnerabilities from 80 port?


When a machine exposes it’s port 80, It s good indicator that that machine is running a web server. But It doesn’t mean that it is necessarily vulnerable to anything.

An important rule when you’re starting. It is to get rid of metasploit. You won’t find anything on well tested bug bounty targets using such automated tools. From what I understand this just told you that the machine has the port 80 open, that’s all black hat.

If you want to know about some classic web vulnerabilities, then start digging manually for xss sqli idors BAC etc

It makes perfect sense that running common automated vuln scans/tools is doing what probably everyone before you has already done.

Ok. I would be pleased with this!