🟥Fuzzing / Enumeration

Directory Enumeration

feroxbuster -u http://abc.com -o ferox.txt

feroxbuster -u www.dyson.in -n -C 401,403,404,500 -o ferox.txt

gobuster dir -k -o buster -x txt,php,html -w /usr/share/seclists/Discovery/Web-Content/raft-medium-directories-lowercase.txt -t 50 -u http://192.168.218.181

gobuster dir -U admin -P admin -w /usr/share/wordlists/dirb/common.txt -u http://192.168.120.73/svn

ffuf -u http://10.10.10.206/FUZZ -w /usr/share/seclists/Discovery/Web-Content/raft-medium-directories-lowercase.txt -fc 400-500 -mc 200-399 -o fuzz.txt -e php,txt,html -t 55

Also try with extensions & large-wordlist

php,asp,aspx,txt,html,js,git,pdf,config,bak,backup

/usr/share/seclists/Discovery/Web-Content/raft-large-directories-lowercase.txt

Source code link-finder

linkf -i http://domain -o links.html

python /home/vaibhav/github/LinkFinder/linkfinder.py -h

subdomains enumeration

ffuf -u http://FUZZ.sneakymail.htb -w ~/chaos/SecLists/Discovery/DNS/subdomains-top1million-5000.txt

wfuzz -c -w /usr/share/seclists/Discovery/DNS/bitquark-subdomains-top100000.txt -u http://10.10.10.197 -H "Host: FUZZ.sneakycorp.htb" --hh 185

PreviousWeb Pentest NextChecklist

Last updated 1 year ago

hashtagDirectory Enumeration

hashtagAlso try with extensions & large-wordlist

hashtagSource code link-finder

hashtagsubdomains enumeration

Directory Enumeration

Also try with extensions & large-wordlist

Source code link-finder

subdomains enumeration