Pentesting Port 80,443

Nmap Scan Command

# -A means aggressive scan
# -v means verbose output

# I normally use this command for the initial scan; this works best for me

nmap -A -v 10.10.10.10

Nmap Full Port Scan Command (If You Want to Speed Up)

# --min-rate sets the minimum number of packets nmap sends per second, which makes the scan faster; you can set it to any number you want

# I run this command more than 2 times to confirm, because it is very fast

nmap -A -v -p- --min-rate=10000 10.10.10.10
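
A very high --min-rate can cause responses to be missed, so repeated runs are easier to trust when they are compared mechanically. The script below is an added example, not part of the original notes: it assumes each run was also saved in grepable format (nmap's -oG option, for example -oG run1.gnmap), and the sample output in it is constructed.

```python
# Added example (not from the original notes): compare repeated fast nmap runs.
# Assumes each run was saved in grepable format, e.g. by adding "-oG run1.gnmap".
import re

PORT_ENTRY = re.compile(r"(\d+)/([^/]*)/([^/]*)/")


def open_ports(gnmap_text):
    """Return {(host, port, proto)} for every open port in grepable output."""
    found = set()
    for line in gnmap_text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comments and "Status: Up" lines
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            m = PORT_ENTRY.match(entry.strip())
            if m and m.group(2) == "open":
                found.add((host, int(m.group(1)), m.group(3)))
    return found


def compare_runs(runs):
    """Split results into ports seen in every run and ports seen in only some."""
    per_run = [open_ports(text) for text in runs]
    stable = set.intersection(*per_run) if per_run else set()
    flaky = set.union(*per_run) - stable if per_run else set()
    return sorted(stable), sorted(flaky)


# Constructed sample output for the lab address used in these notes.
RUN_1 = ("# Nmap scan initiated (constructed sample)\n"
         "Host: 10.10.10.10 ()\tStatus: Up\n"
         "Host: 10.10.10.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
         "443/open/tcp//https///\tIgnored State: closed (65532)\n")
RUN_2 = ("Host: 10.10.10.10 ()\tStatus: Up\n"
         "Host: 10.10.10.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, "
         "8080/filtered/tcp//http-proxy///\tIgnored State: closed (65532)\n")

if __name__ == "__main__":
    stable, flaky = compare_runs([RUN_1, RUN_2])
    print("seen in every run:", stable)
    print("seen in only some runs, rescan at a lower rate:", flaky)
```

Ports that show up in only some runs are the ones to re-check with a lower --min-rate before relying on the result.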

Directory Bruteforcing

For directory bruteforcing, my favourite tools are FFUF and Feroxbuster

Feroxbuster Command

# This is the command I use when I use feroxbuster
# I normally change this command based on the output
# I have edited the configuration file to use the common.txt wordlist from SecLists

feroxbuster -u https://www.google.com/

Feroxbuster POST and GET Fuzzing

feroxbuster -u http://www.google.com -m GET,POST

Changing the Conf of Feroxbuster

I use Sublime Text for editing my stuff, and for code editing I use VS Code

┌──(root㉿kali)-[~]
└─ subl /etc/feroxbuster/ferox-config.toml

I have set the wordlist to common.txt from SecLists

FFUF Command

I use the following command when I use FFUF

# -u is for the URL
# -w is for the wordlist
# -c is for colors

# I use more flags as well for filtering, but this is my basic command

ffuf -u https://www.google.com/FUZZ -w /usr/share/seclists/Discovery/Web-Content/common.txt -c
