Buy me a tea

HTTP & HTTPS

  • Usually port 80, 443

Checkout also the web pentesting chapter of CSbyGB Pentips.

Enumerating HTTP and HTTPS

Default web page

  • We can go check the page in the browser and see what we find if we have 30 or 443 open (or both)

  • Default web page = automatic finding. Disclose info about the tecnology used: web server, version, hostname etc. = Information Disclosure

Nikto

  • We can also launch nikto nikto -h http://host.com

    • Example of nikto result image

    • It finds possible vulnerability

    • Will even do some directory busting

Dirbuster

  • We can use dirbuster or gobuster to check if we find hidden directories (directory busting). Here is an example with dirbuster image

  • Example of results in tree view image

  • Example of results in list image

Source code

  • We can select view source in the browser.

  • In there we can check for comments, usernames, passwords, keys etc.

Burpsuite

  • We can use the repeater to inspect a request modify it and analyze the response

Resources

LogoPage not found - HackTricksbook.hacktricks.xyz
Pentesting Web - Hacktricks
PreviousFTPNextIMAP

Last updated