port 80

Directory Busting: 
1.Gobuster
Syntax:
gobuster dir -u http://10.129.168.90 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
2. Dirbuster (GUI) 
3. Dirsearch 
python3 dirsearch.py -u http://bart.htb -e php,aspx,asp,txt -x 500,404,403
-x ignores specified status codes 
4. dirb 
​
nikto -h IP_ADDRESS
Nmap showing blocked http request 
Since nmap scan changes the host field, it might reveal some blocked http pages that a regular  browser session may not.
If you want to see what the browser sees, open up burp and send it to repeater to manually change the host field to something like "test" 

53 DNS

aspx with web.config RCE vuln

Last modified 11mo ago