From b6c15f34c8ce0d0db6eed71fb3fa95efc34b1fdb Mon Sep 17 00:00:00 2001
From: wstgbot <62450690+wstgbot@users.noreply.github.com>
Date: Wed, 8 Oct 2025 12:33:04 +0000
Subject: [PATCH] Publish Latest 2025-10-08

Updates based on OWASP/wstg@30b74b0
---
 .../01-Information_Gathering/02-Fingerprint_Web_Server.md      | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md b/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md
index 8708700..ee7e6d1 100644
--- a/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md
+++ b/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md
@@ -173,7 +173,8 @@ Server: lighttpd/1.4.54
 </html>
 ```
 
-As default error pages offer many differentiating factors between types of web servers, their examination can be an effective method for fingerprinting even when server header fields are obscured.
+As default error pages offer many differentiating factors between types of web servers, their examination can be an effective method for fingerprinting even when server header fields are obscured.  
+Furthermore, this [resource](https://0xdf.gitlab.io/cheatsheets/404) can be handy, especially when you come across default error pages that do not disclose the web server type.
 
 ### Using Automated Scanning Tools