😂Directory Enumeration

Tools

[1] Dirbuster
[2] gobuster
[3] dirb

Extension to find

php, old, bak, html, txt

Gobuster

Directory Enumeration [gobuster]

gobuster dir -u <http://10.104.11.96/> -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,bak,old

Vhost Enumeration [gobuster]

gobuster vhost -u <IP-Address> -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt

Basic Authentication [gobuster]

gobuster dir -uhttp://172.16.64.140/project/-w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -U admin -P admin -x php,bak,old

Notations

dir ==> Directory Enumeration
vhost ==> Subdomain Enumeration
-u ==> URL to use
-w ==> Wordlist to use
-x ==> Extensions to search for
-U ==> Username to use [Basic Authentiation]
-P ==> Password to use [Basic Authentication]

dirb

dirb <http://172.16.64.140/project-u> admin:admin

Notations

-u ==> use basic authentication (user:pass)

PreviousInteractive Shell NextARP Spoofing

Last updated 2 years ago

hashtagExtension to find

hashtagGobuster

hashtagDirectory Enumeration [gobuster]

hashtagVhost Enumeration [gobuster]

hashtagBasic Authentication [gobuster]

hashtagdirb