80/443 - HTTP/HTTPS
Nmap
sudo nmap -p80 -sV $IP
sudo nmap -p80 --script=http-enum $IP
Gobuster Directory
gobuster dir -u http://$1 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 300 -o gobuster.root -k -x $2 &
gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/common.txt # Default thread count is 10
gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/common.txt -x php,txt,md,aspx
gobuster dir -u http://$IP -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/big.txt -p pattern.txt # -p takes a file of patterns; pattern.txt (example name) contains lines such as {GOBUSTER}/v1
dirb http://$1 -o dirb.txt
Feroxbuster
feroxbuster -u http://dev01.artcorp.htb -x php
Virtual Hosting Brute-Forcing
wfuzz -u http://10.10.11.140 -H "Host: FUZZ.artcorp.htb" -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt --hh 0
/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt
/usr/share/seclists/Discovery/Web-Content/raft-medium-words.txt
common.txt
directory-list-2.3-medium.txt
/usr/share/wfuzz/wordlist/general/megabeast.txt