Directory/VHost Enumeration

Directory Enumeration

gobuster dir -u <URL> -w <WORDLIST> -o <OUTPUT FILE> -b 302,404 -k

gobuster dir -u <URL> -w <WORDLIST> -o <OUTPUT FILE> -x <EXTENSIONS> -b 404 -k

feroxbuster -u <URL> -x <EXTENSIONS>

fuff -w <WORDLIST> -u http://<IP>/FUZZ

fuff -w <WORDLIST> -u http://<IP>/FUZZ -fc <STATUS CODE TO IGNORE>

fuff -w <WORDLIST> -u http://<IP>/FUZZ -e <EXTENSIONS>

dirsearch -u <URL> -e <EXTENSIONS>

Virtual Host Enumeration

ffuf -w /usr/share/wordlists/seclists/Discovery/DNS/namelist.txt -u http://10.10.11.136 -H "HOST:FUZZ.panda.htb" > vhost-result.txt

cat vhost-result.txt | grep FUZZ

Extensions

sh,txt,php,html,htm,asp,aspx,js,xml,log,json,jpg,jpeg,png,gif,doc,pdf,mpg,mp3,zip,tar.gz,tar

Recommended dictionaries:

https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/bf_directories.txt
Dirsearch included dictionary
http://gist.github.com/jhaddix/b80ea67d85c13206125806f0828f4d10
Assetnote wordlists
https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content
- raft-large-directories-lowercase.txt
- directory-list-2.3-medium.txt
- RobotsDisallowed/top10000.txt
https://github.com/random-robbie/bruteforce-lists
https://github.com/google/fuzzing/tree/master/dictionaries
https://github.com/six2dez/OneListForAll
https://github.com/random-robbie/bruteforce-lists
https://github.com/ayoubfathi/leaky-paths
/usr/share/wordlists/dirb/common.txt
/usr/share/wordlists/dirb/big.txt
/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

PreviousCMS NextFile Upload Vulnerability

Last updated 1 year ago

hashtagDirectory Enumeration

hashtagVirtual Host Enumeration

hashtagExtensions

Directory Enumeration

Virtual Host Enumeration

Extensions