Enumerating HTTP and HTTPS

Nikto

  • Tool for website vulnerability scanning

  • Syntax - nikto -h TARGET_SITE

[Figure: Nikto example]

Dirbuster

  • Run using the dirbuster command from a terminal

  • Specify port along with target IP or website

  • Looks for directories and files across the web server

  • Recommended file extensions:

    • php

    • txt

    • zip

    • rar

    • pdf

    • docx

[Figure: Dirbuster Setup Example]

[Figure: Dirbuster Scan Results]
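
What Nikto and Dirbuster runs look like from the web server's side, as an added example that is not part of the original notes: a log check that flags clients sending a scanner User-Agent or producing mostly 404 responses, counting misses on the file extensions listed above. It assumes Combined Log Format access logs and the tools' default User-Agent strings; the thresholds, function names and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Extensions taken from the Dirbuster list above.
EXTENSIONS = ("php", "txt", "zip", "rar", "pdf", "docx")
# Assumption: the scanners run with their default User-Agent strings.
SCANNER_UA = re.compile(r"nikto|dirbuster", re.I)
# Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "ua"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def find_scanners(lines, min_requests=5, min_404_ratio=0.8):
    """Return {ip: [reasons]} for clients that look like content-discovery scans."""
    stats = defaultdict(lambda: {"total": 0, "miss": 0, "ext_miss": 0, "ua": False})
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of failing
        s = stats[m["ip"]]
        s["total"] += 1
        s["ua"] = s["ua"] or bool(SCANNER_UA.search(m["ua"]))
        if m["status"] == "404":
            s["miss"] += 1
            path = m["path"].split("?", 1)[0].lower()  # ignore the query string
            if path.endswith(tuple("." + e for e in EXTENSIONS)):
                s["ext_miss"] += 1
    flagged = {}
    for ip, s in stats.items():
        reasons = ["scanner user-agent"] if s["ua"] else []
        if s["total"] >= min_requests and s["miss"] / s["total"] >= min_404_ratio:
            reasons.append(f"{s['miss']}/{s['total']} requests returned 404 "
                           f"({s['ext_miss']} on listed extensions)")
        if reasons:
            flagged[ip] = reasons
    return flagged

def _line(ip, path, status, ua):
    return f'{ip} - - [10/Jan/2024:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'

# Constructed sample log: two scanning clients and one ordinary visitor.
SAMPLE_LOG = (
    [_line("203.0.113.7", f"/{w}.{e}", 404, "DirBuster-1.0-RC1")
     for w in ("admin", "backup") for e in EXTENSIONS[:3]]
    + [_line("198.51.100.9", f"/old/{w}.zip", 404, "Mozilla/5.0") for w in "abcdef"]
    + [_line("192.0.2.10", "/index.php", 200, "Mozilla/5.0"),
       _line("192.0.2.10", "/favicon.ico", 404, "Mozilla/5.0")]
)
if __name__ == "__main__":
    for ip, why in find_scanners(SAMPLE_LOG).items():
        print(ip, "->", "; ".join(why))
```

The 404-ratio check still catches a scan whose User-Agent has been changed from the default, which is why the second client is flagged without a scanner string.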
