search

๐Ÿ•ธ๏ธWeb Footprinting

hashtag
WhatWeb

  • whatweb <target ip>

hashtag
Internet Browser's Page Source

Look for leaked information within the page source code

hashtag
cURL

  • curl http://<target ip>

Find number of unique paths

  • curl https://<URL> > <filename> && cat <filename> | tr " " "\n" | cut -d"'" -f2 | cut -d'"' -f2 | grep "<URL>" | sort -u | wc -l

hashtag
Login & Execute Payload

code

curl --user offsec:elite 192.168.68.46:242/pwn.php

example

kali@kali:~$ curl --user offsec:elite 192.168.68.46:242/pwn.php

hashtag
Gobuster

  • gobuster dir -u http://<target ip> -w <wordlist>

hashtag
Gobuster flags

  • dir: Uses directory/file enumeration mode

  • -w: Path to the wordlist

hashtag
CeWL (Custom Wordlist Generator)

Cewl arrow-up-rightis a tool used to crawl a website to generate a custom wordlist

PreviousEnumerationNextExploit - Initial Foothold

Last updated