[email protected]
[email protected]
[email protected]
[email protected]
About fkclai
My Work
Exploit/CVE PoC
ZeroLogon Exploit
Remote Retrieved Chrome saved Encrypted Password
Twitter Control an RCE attack
Exploitation Guide
01 Reconnaissance
02 Port Enumeration
03 Web Enumeration
04 Windows Enum & Exploit
05 File Enumeration
06 Reverse Shell Cheat Sheet
07 SQL Injection
08 BruteForce
Hack The Box (Writeup)
Windows Machine
Linux Machine
Vuln Hub (Writeup)
MrRobot
CYBERRY
MATRIX 1
Node-1
DPwwn-1
DC7
AiWeb-2
AiWeb-1
BrainPan
CTF (Writeup)
Hacker One
CTF Learn
P.W.N. University - CTF 2018
HITCON
Useful Command/Tools
Windows
Linux
Offensive Security Lab & Exam
Lab
Powered by GitBook

03 Web Enumeration

Port 80/443 Enumeration

# Sub-folder checking
dirb http://10.10.10.158/ /usr/share/wordlists/dirb/common.txt -o dirb-158.result 
gobuster dir -u 'http://10.10.10.158/' -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -o gobuster-158.result 

python3 /root/Documents/ctf/tools/dirsearch/dirsearch.py -u http://10.10.10.158/ -e jsp,txt -x 301,302,403,404 --simple-report=dirsearch-158.result
-- https://github.com/ffuf/ffuf
ffuf -w /usr/share/wordlists/dirb/common.txt -u http://10.10.10.175/
# Nikto
nikto -h http://10.11.1.111
# Nikto with squid proxy
nikto -h 10.11.1.111 -useproxy http://10.11.1.111:4444
# CMS Explorer
cms-explorer -url http://10.11.1.111 -type [Drupal, WordPress, Joomla, Mambo]

Exploitation Guide - Previous
02 Port Enumeration
Next - Exploitation Guide
04 Windows Enum & Exploit
Last updated 1 month ago