# Pentesting Port 80,443

## Nmap Scan Command

```python
# -A means Aggressive Scan
# -v means Verbose Output

 # i normally use this command for initial scan this works best for me 
 
nmap -A -v 10.10.10.10  
```

## Nmap Full  Port Scan Command (If you want to Speed Up )

```python
# --min-rate will make the scan faster, you can send any number of packets you want 

# I run this command more than 2 times to confirm, because it is very fast

nmap -A -v -p- --min-rate=10000 10.10.10.10

```

## Directory BruteForcing

For Directory Bruteforcing my favourite Tool is **FFUF** and **Feroxbuster**

### Feroxbuster Command

```python
# this is the command which i use when i use feroxbuster
# I Normally Change this command based on the output
# i have edited the configuration file to use common.txt wordlist from seclist
 
feroxbuster -u https://www.google.com/
```

<figure><img src="/files/Z9rmAi1LuwM2JfzDdyjE" alt=""><figcaption></figcaption></figure>

### Feroxbuster POST and GET Fuzzing

```python
feroxbuster -u http://www.google.com -m GET,POST
```

<figure><img src="/files/p9bRuWF7rvgCk9Dc8u88" alt=""><figcaption></figcaption></figure>

### Changing the Conf of Feroxbuster

I use **Sublime text** for editing my stuff and for code editing i use **VScode**

```html
┌──(root㉿kali)-[~]
└─ subl /etc/feroxbuster/ferox-config.toml

```

<figure><img src="/files/ulLYZRG4jNPppeleuYHS" alt=""><figcaption><p>I have set the wordlist to Common.txt from seclist</p></figcaption></figure>

## FFUF Command

I use the following command when i use **FFUF**

```python
# -u is for url
# -w is for wordlist
# -c is for colors

# i use more flags as well for filtering, but this is my basic command

ffuf -u https://www.google.com/FUZZ -w /usr/share/seclists/Discovery/Web-Content/common.txt -c
```

<figure><img src="/files/i3TiTGHyDgPB4NFS6FZN" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://notes.programmersecurity.com/web-pentesting-stuff/pentesting-port-80-443.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.