HTTP/HTTPS 80/443/*

HTTP

Nikto

Scan for web application vulnerabilities.

nikto -h $TARGET_URL

Gobuster

Brute-force directories and files on websites.

gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u $TARGET_URL

HTTPS

sslscan

Check for OpenSSL Heartbleed

sslscan $TARGET_URL

Web Applications

PHP

Important information in phpinfo()

  • DOCUMENT_ROOT

WordPress

wpscan --url $TARGET_URL
