Manual
HTTP(s)
robots.txt
Boxe name? Like ClamAv?
source
inspect
domain?
if found domain run scan again with domain
DNS fuzz subdomains
HTTPS?
if you find HTTPS, take a look at the certificate
nikto -ask=no -h http://192.168.81.56:8080 2>&1 | tee "tcp_8080_http_nikto.txt"
is it python?
STI
Fuzz:
/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt
/usr/share/seclists/Discovery/Web-Content/raft-medium-files.txt
/usr/share/wordlists/dirb/big.txt
/usr/share/wordlists/dirb/common.txt
/usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt
/usr/share/wordlists/dirbuster/directories.jbrofuzz
/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txtSSH
FTP
SMTP
Last updated
Was this helpful?