{"id":86304,"date":"2026-05-03T21:59:44","date_gmt":"2026-05-04T02:59:44","guid":{"rendered":"https:\/\/niixer.com\/?p=86304"},"modified":"2026-05-03T22:36:34","modified_gmt":"2026-05-04T03:36:34","slug":"hacking-etico-analisis-web","status":"publish","type":"post","link":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/","title":{"rendered":"Web ethical hacking: vulnerability analysis with OWASP Top 10"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">What is web ethical hacking and why does it matter?<\/h2>\n\n\n\n<p>Web ethical hacking is an essential <a href=\"https:\/\/niixer.com\/index.php\/2025\/03\/28\/la-inteligencia-artificial-en-la-ciberseguridad-un-enfoque-para-el-futuro\/\" type=\"link\" id=\"https:\/\/niixer.com\/index.php\/2025\/03\/28\/la-inteligencia-artificial-en-la-ciberseguridad-un-enfoque-para-el-futuro\/\">cybersecurity<\/a> practice that identifies vulnerabilities before they are exploited. This article carries out a real analysis using tools and checks such as Nmap, DNS, SSL and the OWASP Top 10.<\/p>\n\n\n\n<p>This article presents a practical analysis based on real techniques for network reconnaissance, DNS analysis, SSL certificate evaluation and application of the OWASP Top 10 standard. 
This exercise was carried out under ethical principles and in a controlled environment.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Objective of the <a href=\"https:\/\/niixer.com\/index.php\/etiqueta\/seguridad\/\" type=\"post_tag\" id=\"247\">security<\/a> analysis<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">General objective<\/h3>\n\n\n\n<p>Analyze the security of a web system using reconnaissance and vulnerability assessment techniques.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Specific objectives<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Assess connectivity and network routes<\/li>\n\n\n\n<li>Identify active services<\/li>\n\n\n\n<li>Analyze DNS and WHOIS<\/li>\n\n\n\n<li>Assess SSL security<\/li>\n\n\n\n<li>Apply the OWASP Top 10<\/li>\n<\/ul>\n\n\n\n<p style=\"font-size:30px\">WEB ETHICAL HACKING METHODOLOGY<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Phase 1: Network reconnaissance<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Connectivity test (PING)<\/h3>\n\n\n\n<p>The <code>ping<\/code> command checks whether a host is reachable on the network.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.33.52-1-1024x576.png\" alt=\"\" class=\"wp-image-86306\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.33.52-1-1024x576.png 1024w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.33.52-1-300x169.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.33.52-1-768x432.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.33.52-1.png 1330w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Key result:<\/strong><\/p>\n\n\n\n<ul 
class=\"wp-block-list\">\n<li>Host reachable<\/li>\n\n\n\n<li>ICMP partially blocked<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Route analysis (Traceroute)<\/h3>\n\n\n\n<p>Traceroute identifies the hops between source and destination.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"330\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.35.11-1024x330.png\" alt=\"\" class=\"wp-image-86307\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.35.11-1024x330.png 1024w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.35.11-300x97.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.35.11-768x247.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.35.11-1536x494.png 1536w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.35.11-2048x659.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Key findings<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Traffic passes through a Colombian ISP (EPM)<\/li>\n\n\n\n<li>International hop detected<\/li>\n\n\n\n<li>Final destination does not respond<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Port scanning with Nmap<\/h3>\n\n\n\n<p>Nmap is a key pentesting tool for detecting active services.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"318\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.36.09-1024x318.png\" alt=\"\" class=\"wp-image-86308\" 
srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.36.09-1024x318.png 1024w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.36.09-300x93.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.36.09-768x239.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.36.09-1536x478.png 1536w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.36.09-2048x637.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Results<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Port 80 \u2192 HTTP<\/li>\n\n\n\n<li>Port 443 \u2192 HTTPS<\/li>\n\n\n\n<li>Port 25 \u2192 SMTP<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Phase 2: DNS, WHOIS and SSL analysis<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/niixer.com\/index.php\/etiqueta\/pentesting-owasp-top-10-dns-seguridad-web\/\" type=\"post_tag\" id=\"4570\">DNS<\/a> resolution<\/h3>\n\n\n\n<p>The IP address of the analyzed domain was identified.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"498\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.03-1024x498.png\" alt=\"\" class=\"wp-image-86309\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.03-1024x498.png 1024w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.03-300x146.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.03-768x373.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.03.png 1206w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<hr 
class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">DNS records (TXT, MX, NS)<\/h3>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"988\" height=\"758\" data-id=\"86310\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.51.png\" alt=\"\" class=\"wp-image-86310\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.51.png 988w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.51-300x230.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.38.51-768x589.png 768w\" sizes=\"auto, (max-width: 988px) 100vw, 988px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"849\" data-id=\"86311\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.39.05-1024x849.png\" alt=\"\" class=\"wp-image-86311\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.39.05-1024x849.png 1024w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.39.05-300x249.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.39.05-768x637.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.39.05.png 1134w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Results<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>No TXT records<\/li>\n\n\n\n<li>No MX records<\/li>\n\n\n\n<li>Minimal configuration<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator 
has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">WHOIS lookup<\/h3>\n\n\n\n<h3 class=\"wp-block-heading\">Findings<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Domain under the .gd TLD<\/li>\n\n\n\n<li>External infrastructure<\/li>\n\n\n\n<li>Subdomain not registered<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">SSL certificate analysis<\/h3>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"455\" height=\"1024\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.40.31-455x1024.png\" alt=\"\" class=\"wp-image-86312\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.40.31-455x1024.png 455w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.40.31-133x300.png 133w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.40.31-768x1727.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.40.31-683x1536.png 683w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.40.31.png 814w\" sizes=\"auto, (max-width: 455px) 100vw, 455px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Critical results<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Self-signed certificate<\/li>\n\n\n\n<li>Validation error<\/li>\n\n\n\n<li>TLS 1.3 enabled<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Phase 3: <a href=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Taller_OWASP.pdf\" type=\"attachment\" id=\"86289\">OWASP<\/a> Top 10<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">A01: Broken Access Control<\/h3>\n\n\n\n<p>No unauthenticated access was detected.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 
class=\"wp-block-heading\">A02: Cryptographic Failures<\/h3>\n\n\n\n<p>Issue detected:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Invalid SSL certificate<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A03: <a href=\"https:\/\/niixer.com\/index.php\/2026\/04\/29\/pentesting-con-owasp-en-un-sitio-wordpress-hallazgos-reales-de-un-ejercicio-de-hacking-etico\/\" type=\"post\" id=\"85990\">Injection<\/a><\/h3>\n\n\n\n<p>The vulnerability could not be exploited.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"553\" src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.42.00-1024x553.png\" alt=\"\" class=\"wp-image-86313\" srcset=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.42.00-1024x553.png 1024w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.42.00-300x162.png 300w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.42.00-768x415.png 768w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.42.00-1536x829.png 1536w, https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-03-at-21.42.00-2048x1106.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A04: Insecure Design<\/h3>\n\n\n\n<p>Findings:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use of a free subdomain<\/li>\n\n\n\n<li>Basic infrastructure<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A05: Security Misconfiguration<\/h3>\n\n\n\n<p>Issues detected:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Misconfigured SSL<\/li>\n\n\n\n<li>Limited DNS<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A06: Vulnerable Components<\/h3>\n\n\n\n<p>No visible vulnerable components were identified.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A07: Authentication Failures<\/h3>\n\n\n\n<p>Failed login attempts (admin\/admin).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A08: Software Integrity<\/h3>\n\n\n\n<p>No validation mechanisms were found.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A09: Logging &amp; Monitoring<\/h3>\n\n\n\n<p>There is no evidence of monitoring.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">A10: SSRF<\/h3>\n\n\n\n<p>No vulnerable endpoints were detected.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p style=\"font-size:30px\">Video<\/p>\n\n\n\n<figure class=\"wp-block-video\"><video height=\"2076\" style=\"aspect-ratio: 4096 \/ 2076;\" width=\"4096\" 
src=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/sustentacion_FAORe8aI.mp4\"><\/video><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">What did we learn from the analysis?<\/h2>\n\n\n\n<p>The web ethical hacking analysis shows that a system can appear secure because it exposes few services and still have critical <a href=\"https:\/\/niixer.com\/index.php\/etiqueta\/vulnerabilidades\/\" type=\"post_tag\" id=\"4576\">vulnerabilities<\/a> in its configuration.<\/p>\n\n\n\n<p>The use of self-signed SSL certificates is one of the most significant risks, since it compromises the authenticity of the communication. Likewise, the lack of proper DNS configuration and the absence of monitoring point to structural weaknesses.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p style=\"font-size:30px\">References<\/p>\n\n\n\n<p>WordPress. (2024). WooCommerce Documentation. https:\/\/woocommerce.com\/documentation\/<br>WooCommerce. (n.d.). Ecommerce for WordPress. https:\/\/woocommerce.com\/<br>WordPress. (n.d.). Disable JSON API. https:\/\/wordpress.org\/plugins\/disable-json-api\/<br>Nelio Software. (n.d.). Protege tu WordPress ocultando la API REST. https:\/\/neliosoftware.com\/es\/blog\/protege-tu-wordpress-ocultando-la-api-rest\/<br>SSL Shopper. (n.d.). SSL Checker. https:\/\/www.sslshopper.com\/ssl-checker.html<br>Open Web Application Security Project (OWASP). (2021). OWASP Top 10: The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/www-project-top-ten\/<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p style=\"font-size:30px\">Credits<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Author:<\/strong> Angel David Ramirez Alvarez<\/li>\n\n\n\n<li><strong>Editor:<\/strong> Mg. Carlos Ivan Pinzon Romero<\/li>\n\n\n\n<li><strong>University:<\/strong> Universidad Central<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>\u00bfQu\u00e9 es el hacking \u00e9tico web y por qu\u00e9 es importante? El hacking \u00e9tico web es una pr\u00e1ctica esencial en ciberseguridad que permite identificar vulnerabilidades antes de que sean explotadas. En este art\u00edculo se realiza un an\u00e1lisis real utilizando herramientas como Nmap, DNS, SSL y OWASP Top 10. En esteSeguir Leyendo<\/p>\n","protected":false},"author":1937,"featured_media":86318,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[4557],"tags":[4575,2596,4559,4561,4560,772,4576],"class_list":["post-86304","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacking-etico","tag-analisis-de-seguridad","tag-ciberseguridad","tag-hacking-etico","tag-owasp-top-10","tag-pentesting","tag-redes","tag-vulnerabilidades"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10 &#8211; Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos<\/title>\n<meta name=\"description\" content=\"En Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos encuentra los mejores contenidos del mundo de la tecnolog\u00eda | Hacking 
\u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10 &#8211; Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos\" \/>\n<meta property=\"og:description\" content=\"En Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos encuentra los mejores contenidos del mundo de la tecnolog\u00eda | Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10\" \/>\n<meta property=\"og:url\" content=\"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/\" \/>\n<meta property=\"og:site_name\" content=\"Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/niixer\/\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-04T02:59:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-04T03:36:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1672\" \/>\n\t<meta property=\"og:image:height\" content=\"941\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"aramireza2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"aramireza2\" \/>\n\t<meta 
name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10 &#8211; Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos","description":"En Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos encuentra los mejores contenidos del mundo de la tecnolog\u00eda | Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/","og_locale":"es_ES","og_type":"article","og_title":"Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10 &#8211; Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos","og_description":"En Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos encuentra los mejores contenidos del mundo de la tecnolog\u00eda | Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10","og_url":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/","og_site_name":"Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos","article_publisher":"https:\/\/www.facebook.com\/niixer\/","article_published_time":"2026-05-04T02:59:44+00:00","article_modified_time":"2026-05-04T03:36:34+00:00","og_image":[{"width":1672,"height":941,"url":"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png","type":"image\/png"}],"author":"aramireza2","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"aramireza2","Tiempo de lectura":"5 
minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#article","isPartOf":{"@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/"},"author":{"name":"aramireza2","@id":"https:\/\/niixer.com\/#\/schema\/person\/0228ebf5fb50511927637054fde890a6"},"headline":"Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10","datePublished":"2026-05-04T02:59:44+00:00","dateModified":"2026-05-04T03:36:34+00:00","mainEntityOfPage":{"@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/"},"wordCount":576,"publisher":{"@id":"https:\/\/niixer.com\/#organization"},"image":{"@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#primaryimage"},"thumbnailUrl":"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png","keywords":["an\u00e1lisis de seguridad","ciberseguridad","Hacking \u00c9tico","OWASP Top 10","Pentesting","redes","vulnerabilidades"],"articleSection":["Hacking \u00c9tico"],"inLanguage":"es"},{"@type":"WebPage","@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/","url":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/","name":"Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10 &#8211; Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, 
Videojuegos","isPartOf":{"@id":"https:\/\/niixer.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#primaryimage"},"image":{"@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#primaryimage"},"thumbnailUrl":"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png","datePublished":"2026-05-04T02:59:44+00:00","dateModified":"2026-05-04T03:36:34+00:00","description":"En Portal de noticias de tecnolog\u00eda, Realidad Virtual, Aumentada y Mixta, Videojuegos encuentra los mejores contenidos del mundo de la tecnolog\u00eda | Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10","breadcrumb":{"@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#primaryimage","url":"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png","contentUrl":"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png","width":1672,"height":941,"caption":"Cib erserguridad"},{"@type":"BreadcrumbList","@id":"https:\/\/niixer.com\/index.php\/2026\/05\/03\/hacking-etico-analisis-web\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/niixer.com\/"},{"@type":"ListItem","position":2,"name":"Hacking \u00e9tico web: an\u00e1lisis de vulnerabilidades con OWASP Top 10"}]},{"@type":"WebSite","@id":"https:\/\/niixer.com\/#website","url":"https:\/\/niixer.com\/","name":"Portal de noticias de tecnolog\u00eda, ciencia, Android, iOS, Realidad Virtual, Aumentada y Mixta, Videojuegos, computadores, todo lo mas reciente en 
tecnolog\u00eda","description":"Portal de noticias de tecnolog\u00eda","publisher":{"@id":"https:\/\/niixer.com\/#organization"},"alternateName":"Niixer","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/niixer.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/niixer.com\/#organization","name":"Niixer","alternateName":"Niixer.com","url":"https:\/\/niixer.com\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/niixer.com\/#\/schema\/logo\/image\/","url":"https:\/\/niixer.com\/wp-content\/uploads\/2022\/08\/logo-niixer-sin-fondo-1.png","contentUrl":"https:\/\/niixer.com\/wp-content\/uploads\/2022\/08\/logo-niixer-sin-fondo-1.png","width":140,"height":140,"caption":"Niixer"},"image":{"@id":"https:\/\/niixer.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/niixer\/","https:\/\/www.instagram.com\/niixer.tecnologia\/"]},{"@type":"Person","@id":"https:\/\/niixer.com\/#\/schema\/person\/0228ebf5fb50511927637054fde890a6","name":"aramireza2","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/120faa257cabbfd2c345da87c2b581903dc6586ed2fa7b6b6879d366cd56fc2e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/120faa257cabbfd2c345da87c2b581903dc6586ed2fa7b6b6879d366cd56fc2e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/120faa257cabbfd2c345da87c2b581903dc6586ed2fa7b6b6879d366cd56fc2e?s=96&d=mm&r=g","caption":"aramireza2"},"url":"https:\/\/niixer.com\/index.php\/author\/aramireza2\/"}]}},"jetpack_featured_media_url":"https:\/\/niixer.com\/wp-content\/uploads\/2026\/05\/ChatGPT-Image-May-3-2026-10_05_13-PM.png","_links":{"self":[{"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/posts\/86304","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/niixer.com
\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/users\/1937"}],"replies":[{"embeddable":true,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/comments?post=86304"}],"version-history":[{"count":7,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/posts\/86304\/revisions"}],"predecessor-version":[{"id":86328,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/posts\/86304\/revisions\/86328"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/media\/86318"}],"wp:attachment":[{"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/media?parent=86304"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/categories?post=86304"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/niixer.com\/index.php\/wp-json\/wp\/v2\/tags?post=86304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}