HTTP Enumeration

Target Host IP: 10.0.0.20

Brute Forcing using DirBuster

1. Start the dirbuster and set the options.

Note:

  1. The wordlist can be found locally or downloaded from the Internet.

OR  Dirbuster-ng big wordlist dowload site:https://github.com/digination/dirbuster-ng/tree/master/wordlists

2. Progress in sacanning.

3. Scan result tree. We may find some interesting things here.

4.Open the test.php in browser, and review the source code.

Brute Forcing using nikto

1. Scan the target port 80(http).

nikto -h 10.0.0.20

2. Scan the target port 443(https).

nikto -h 10.0.0.20:

OSCP Learning Notes - Enumeration(2)的更多相关文章

  1. OSCP Learning Notes - Enumeration(4)

    DNS Enumeration 1. Host Tool host is a simple utility for performing DNS lookups. It is normally use ...

  2. OSCP Learning Notes - Enumeration(3)

    SMB Enumeration 1. Set the smb configurations. locate smb.conf vim /etc/samba/smb.conf Insert the gl ...

  3. OSCP Learning Notes - Enumeration(1)

    Installing Kioptrix: Level 1 Download the vm machine form https://www.vulnhub.com/entry/kioptrix-lev ...

  4. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

  5. OSCP Learning Notes - Buffer Overflows(3)

    Finding Bad Characters 1. Find the bad charaters in the following website: https://bulbsecurity.com/ ...

  6. OSCP Learning Notes - Buffer Overflows(2)

    Finding the Offset 1. Use the Metasploite pattern_create.rb tool to create 5900 characters. /usr/sha ...

  7. OSCP Learning Notes - Buffer Overflows(1)

    Introduction to Buffer Overflows Anatomy of Memory Anatomy of the Stack Fuzzing Tools: Vulnserver -  ...

  8. OSCP Learning Notes - Netcat

    Introduction to Netcat Connecting va Listening Bind Shells Attacker connects to victim on listening ...

  9. OSCP Learning Notes - Scanning(2)

    Scanning with Metasploite: 1. Start the Metasploite using msfconsole 2. search modules 3.Choose one ...

随机推荐

  1. 关于margin外边距合并的问题

    一 .兄弟元素margin外边距合并演示   当两个垂直方向相邻的兄弟元素都为常规流块盒,他们之间垂直方向的外边距不是两者之和,而是取两者中的最大值.这种现象被称为相邻的兄弟元素垂直方向外边距合并. ...

  2. Appium定位元素

    定位元素规则 和 Selenium Web自动化一样,要操作界面元,必须先定位(选择)元素. Appius是基于 Selenium的,所以和 Selenium代码定位元素的基本规则相同 find el ...

  3. Python Selenium百度搜索翻页查找文字

    #!/usr/bin/python # -*- coding: utf- -*- from selenium import webdriver import time # browser = webd ...

  4. 状压DP 从TSP问题开始入门哦

      一开始学状压DP难以理解,后来从TSP开始,终于入门了nice!!!! 旅行商问题 :    给定n个城市和两两相互的距离 ,求一条路径经过所有城市,并且路径达到最下仅限于; 朴树想法: 做n个城 ...

  5. java基础-java与c#接口不同点

    1.接口中定义成员 C#,如图我在接口ITest添加了一个字段n,那么vs直接就显示红色的底线,而错误就是接口不能包含字段 java,如下图,编译也是报错但是并不是接口中不能包含而是缺少赋值,那么我们 ...

  6. eclipse导入git项目

    复制项目的git路径 Eclipse打开 Git Repostitories 视图 弹出show view窗口 选择ok ,进入git repositories 视图窗口 我这里已经导入从我的git仓 ...

  7. MongoDB副本集replica set(三)--添加删除成员

    在上一篇文章中,我们搭建了3个节点的副本集,集群信息如下: rstest:PRIMARY> rs.config() { "_id" : "rstest", ...

  8. Dll的多字节和Unicode

    Dll的多字节和Unicode 分类: MFC2013-10-17 13:00 28人阅读 评论(0) 收藏 举报 dll字符集字符集多字节Unicode 我们定义dll的时候会区分: 字符集:使用多 ...

  9. 前端日常工作中常用开发小技巧 ---JavaScript

    1.格式化金钱值 const ThousandNum = num => num.toString().replace(/\B(?=(\d{3})+(?!\d))/g, "," ...

  10. 路由网关(Zuul)

    上一篇已经讲了微服务组件中的 分布式配置中心,本章讲述 由JAVA编写的服务路由网关Zuul… - Zuul 路由是微服务体系结构的一个组成部分.例如 / 可以映射到您的Web应用程序,/api/us ...