HTTP Enum
Enumerate directories.
The main thing to remember here is to always run against multiple wordlists starting with directory-list-2.3-medium.txt
The main thing to remember here is to always run against multiple wordlists starting with directory-list-2.3-medium.txt Gobuster
# URL Search
-- Quick Directory Busting:
gobuster dir -u 10.10.10.20 -w /usr/share/seclists/Discovery/Web_Content/common.txt -t 80 -a Linux
gobuster dir -u 10.10.10.20 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 80 -a Linux
-- Comprehensive Directory Busting
gobuster dir -s 200,204,301,302,307,403 -u 10.10.10.10 -w /usr/share/seclists/Discovery/Web_Content/big.txt -t 80 -a 'Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0'
-- Search with File Extension
gobuster dir -u 10.10.10.10 -w /usr/share/seclists/Discovery/Web_Content/common.txt -t 80 -a Linux -x .sh,.html,.txt,.php
==========================================================================================================================================================================================
# DNS Search
gobuster dns -d anysite.com -t 50 -w /wordlists/subdomains.txt
==========================================================================================================================================================================================
# vhost Search
gobuster vhost -u https://anysite.com -w common-vhosts.txtFFUF
Nikto Web Scan
Wordpress Scan
Drupal
Joomla
Dirb
Dirsearch
Netcat
cUrl
Wfuzz
Upload a PHP file
WebDav
ASPx Webshell
Code Execution through HTTP/LFI
Last updated