port 80
Directory Busting:
Gobuster
Syntax:
2. Dirbuster (GUI)
3. Dirsearch
-x ignores specified status codes
4. dirb
nikto -h IP_ADDRESS
Nmap showing blocked http request
Since nmap scan changes the host field, it might reveal some blocked http pages that a regular browser session may not.
If you want to see what the browser sees, open up burp and send it to repeater to manually change the host field to something like "test"
Last updated