Pentest Tips
  • ABOUT
  • Information Shares
  • CTF
    • Stego
    • Memory
  • Blue Team
    • Tools/Resources
    • One Liners
    • Threat Hunting
    • Scripts
    • Intrusion
  • Web
    • Resources
    • General Web
    • Subdomain Discovery
    • Content Discovery
    • MYSQL
    • Burpsuite
  • Network Exploitation
    • Resources
    • Kerberos
    • Network Based
    • Phishing
    • Metasploit
    • Weaponization
    • Password Cracking
    • Shell Upgrades
    • Linux PrivEsc
    • Windows PrivEsc
    • Windows Persistence
    • Exfiltration
  • Windows Internals
    • Kernal
  • Recon
    • Nmap
    • OSINT
    • SMB Enumeration
    • LDAP
    • Physical
  • Malware
    • Obfuscation
  • Scripting
    • Bash Basics
    • Powershell Basics
  • Cloud
    • AWS
  • Game Hacking
    • Resources
Powered by GitBook
On this page
Edit on GitHub
  1. Web

Content Discovery

Gobuster:

# Discover Pages
gobuster dir -u http://<ip>/ -w /usr/share/wordlists/dirb/big.txt -x php,html,xml,txt

# Follow paths recursivly
gobuster dir -u http://<ip>/ -w /usr/share/wordlists/dirb/big.txt -e -r -f

# Fast discovery
gobuster dir -u http://<ip>/ -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,xml,txt

GoSpider:

gospider -S domain.txt -o output -c 10 -d 1

Recursive download found sites:

wget -r -i sitelist.txt

## Create a list with all files 
find . -type f -exec echo "{}" \; | sort -u > allfiles.txt
PreviousSubdomain DiscoveryNextMYSQL

Last updated 3 years ago