💻
oscp-study-notes
  • What is this?
  • Scanning & Enumeration
    • FTP 21
    • SMTP 25
    • HTTP/HTTPS 80/443/*
    • SMB 139/443
  • Vulnerabilites & Exploitation
    • Socket Programming
    • Generate shellcodes
    • Shellshock
    • Cross Compiling
    • LFI/RFI
    • SQL Injection
    • CVE2009-3103
    • MS17-010
  • Privilege Escalation
  • File Transfers
  • Buffer Overflow
  • Port Redirection and Tunneling
  • Password Cracking
  • Proof
  • Netcat
  • Third-party Tools
  • Bypass AV
  • Methodology
  • Writing a report
  • Further Reading
Powered by GitBook
On this page
  • HTTP
  • Nikto
  • Gobuster
  • HTTPS
  • sslscan
  • Web Applications
  • PHP
  • Wordpress

Was this helpful?

  1. Scanning & Enumeration

HTTP/HTTPS 80/443/*

HTTP

Nikto

Scan for web application vulnerability

nikto -h $TARGET_URL

Gobuster

Brute force directories and files in websites.

gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u $TARGET_URL

HTTPS

sslscan

Check for OpenSSL HeartBleed

sslscan $TARGET_URL

Web Applications

PHP

Important information in phpinfo()

  • DOCUMENT_ROOT

Wordpress

wpscan --url $TARGET_URL
PreviousSMTP 25NextSMB 139/443

Last updated 5 years ago

Was this helpful?