HTTP Enumeration

Target Host IP: 10.0.0.20

Brute Forcing using DirBuster

1. Start the dirbuster and set the options.

Note:

  1. The wordlist can be found locally or downloaded from the Internet.

OR  Dirbuster-ng big wordlist dowload site:https://github.com/digination/dirbuster-ng/tree/master/wordlists

2. Progress in sacanning.

3. Scan result tree. We may find some interesting things here.

4.Open the test.php in browser, and review the source code.

Brute Forcing using nikto

1. Scan the target port 80(http).

nikto -h 10.0.0.20

2. Scan the target port 443(https).

nikto -h 10.0.0.20:

OSCP Learning Notes - Enumeration(2)的更多相关文章

  1. OSCP Learning Notes - Enumeration(4)

    DNS Enumeration 1. Host Tool host is a simple utility for performing DNS lookups. It is normally use ...

  2. OSCP Learning Notes - Enumeration(3)

    SMB Enumeration 1. Set the smb configurations. locate smb.conf vim /etc/samba/smb.conf Insert the gl ...

  3. OSCP Learning Notes - Enumeration(1)

    Installing Kioptrix: Level 1 Download the vm machine form https://www.vulnhub.com/entry/kioptrix-lev ...

  4. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

  5. OSCP Learning Notes - Buffer Overflows(3)

    Finding Bad Characters 1. Find the bad charaters in the following website: https://bulbsecurity.com/ ...

  6. OSCP Learning Notes - Buffer Overflows(2)

    Finding the Offset 1. Use the Metasploite pattern_create.rb tool to create 5900 characters. /usr/sha ...

  7. OSCP Learning Notes - Buffer Overflows(1)

    Introduction to Buffer Overflows Anatomy of Memory Anatomy of the Stack Fuzzing Tools: Vulnserver -  ...

  8. OSCP Learning Notes - Netcat

    Introduction to Netcat Connecting va Listening Bind Shells Attacker connects to victim on listening ...

  9. OSCP Learning Notes - Scanning(2)

    Scanning with Metasploite: 1. Start the Metasploite using msfconsole 2. search modules 3.Choose one ...

随机推荐

  1. 小师妹学JVM之:JDK14中JVM的性能优化

    目录 简介 String压缩 分层编译(Tiered Compilation) Code Cache分层 新的JIT编译器Graal 前置编译 压缩对象指针 Zero-Based 压缩指针 Escap ...

  2. 键盘侠Linux教程(五)| 基本权限管理

    基本权限管理 权限的介绍 权限位的含义 前面讲解ls命令时,我们已经知道长格式显示的第一列就是文件的权限,例如: [root@es ~]# ls -l anaconda-ks.cfg -rw----- ...

  3. Windows7/10实现ICMP(ping命令)

    如果觉得本文如果帮到你或者你想转载都可以,只需要标注出处即可.谢谢 利用ICMP数据包.C语言实现Ping命令程序,能实现基本的Ping操作,发送ICMP回显请求报文,用于测试—个主机到只一个主机之间 ...

  4. 寻找hive数据倾斜路

    前言 一直以来我都是从书上.博客上.别人口中听说数据倾斜,自己也从而指导一些解决数据倾斜的方式或者一些容易出现数据倾斜的场景.但是从来没有认真的去发现过,寻求过,研究过. 正文 我打开了hive官网  ...

  5. 入门大数据---Hadoop是什么?

    简单概括:Hadoop是由Apache组织使用Java语言开发的一款应对大数据存储和计算的分布式开源框架. Hadoop的起源 2003-2004年,Google公布了部分GFS和MapReduce思 ...

  6. python实现简单的SVM

    # -*- coding: utf-8 -*- from sklearn.svm import SVC import numpy as np print(X.shape,Y.shape) X = np ...

  7. win10提示“无法设置移动热点 请打开WLAN”的解决方法

    一位用户在使用Win10创意者操作系统过程中,遇到了无法开启移动热点的情况,开关呈灰色状态,而且提示:无法设置移动热点 请打开WLAN,该如何解决呢?该用户表示Wlan一直开着呀,感觉非常奇怪.接下来 ...

  8. [CF1216E] Numerical Sequence hard version

    题目 The only difference between the easy and the hard versions is the maximum value of k. You are giv ...

  9. 【错误】上传新的项目出错 error: failed to push some refs to 'https://github.com/...

    问题描述:在git bash中键入 $ git push origin master 进行提交的时候出现 如下错误: error: failed to push some refs to 'https ...

  10. 最简单的jQuery轮播图(原理解析)

    html: <div class="middle_right"> <div id="lunbobox"> <div id=&quo ...