Load Balancing Detector (LBD)
LBD is a tool that is best used in the initial information gathering phase of a penetration test. LBD is present in the default toolset of Kali Linux.
In this demonstration I will be using the preinstalled version of LBD on Kali Linux.
To start a scan type “lbd” followed by your target domain.
Ex. lbd vulnweb.com
Throughout the scan, LBD will check the domain given for DNS and HTTP load balancers. The scan results often contain IP addresses, host names, cookie information, and the type of load balancing device. The image below displays the results from our scan.
Few things to note. Most of the additional options listed in the help section would not work at the time of testing using version 0.4. Running options such as “-a” or “-l” would only display the help section. As it states in the help documentation lbd is considered a proof of concept script and could result in false positives. Expectations should be tempered with this tool, however, its basic feature does provide valuable information that could assist with target research and penetration testing.
Leave a Comment