Nikto

This is an open source web scanner that looks for outdated versions, specific version problems, and other things

Syntax: nikto -host http://x.x.x.x
Through a proxy: nikto -host -useproxy http://<ip>:<port>

Gobuster

Gobuster is a command line tool that can brute force URI’s in websites. Gobuster is usually faster than Dirbuster, fwiw.

Syntax: gobuster dir -u http://x.x.x.x -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

Through a Proxy: gobuster dir -u http://127.0.0.1 -p http://kalamari:ihateseafood@10.10.10.21:3128 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 40

Common Kali Wordlist Locations

  • /usr/share/wordlists/
  • /usr/share/wordlists/dirbuster/
  • /usr/share/wordlists/dirb/

Dirbuster

Wfuzz

Wfuzz is a tool for bruteforcing web applications. Documentation is available here: https://wfuzz.readthedocs.io/en/latest/

Syntax: wfuzz -c -w <wordlist> <http://x.x.x.x/FUZZ>

wfuzz -w /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-small.txt -z list,-.pdf –hc 404,403 https://intra.redcross.htb/documentation/FUZZFUZ2Z

  • -c = output with colors
  • You need to specify the word FUZZ where you want the wordlist to hit in the URL.

DirSearch

https://github.com/maurosoria/dirsearch

python3 dirsearch.py -u http://<IP address> -e php,html -x 400,401,403

WebDAV / davtest

WebDAV is an extension of HTTP that allows clients to perform remove Web content authoring. If you see it on a target, you can use a tool called davtest to try to enumerate.

Syntax: /usr/bin/davtest -url http://x.x.x.x

Leave a Reply

Your email address will not be published. Required fields are marked *