📝
Basic Penetration Testing
  • About Knowledge
  • Server Enumeration
    • Scanning
    • Common Services
      • FTP - 21
      • SMTP - 25
      • SMB - 139, 445
  • Web Application
    • Enumeration
    • Exploitation
    • Execute Commands
    • Databases
      • MySQL
      • SQLite
      • MSSQL
      • PostgreSQL
  • Remote Code Execution
  • File Transfer
    • HTTP Server
    • SMB Protocol
    • FTP Server on Kali Linux
  • Hash Cracking
  • Privilege Escalation
    • Windows Privilege Escalation
    • Linux Privilege Escalation
  • Buffer Overflow
  • About LeeCyberSec
Powered by GitBook
On this page
  • Check version, platform
  • List URLs
  • Discovery files and directories
  • Nikto

Was this helpful?

  1. Web Application

Enumeration

Check version, platform

List URLs

curl http://$ip -s -L | grep "title\|href" | sed -e 's/^[[:space:]]*//'

Discovery files and directories

gobuster dir -u http://$ip/cgi-bin/ -w /usr/share/seclists/Discovery/Web-Content/ -x txt,sh,php,cgi -s '200,204,403,500'
gobuster dir -u http://$ip/ -w /usr/share/seclists/Discovery/Web-Content/cgis.txt

Nikto

nikto -h $ip
PreviousWeb ApplicationNextExploitation

Last updated 4 years ago

Was this helpful?