Hacking Cheatsheet

Some notes while doing some CTF.

Collecting information about an IP

Port scan with nmap

sudo nmap -sC -sV -oA nmap/version $IP

Web inventory

Searching for webdirectories

gobuster dir -u http://oouch.htb:5000/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt | tee gobuster-directories.txt

Searching for domain names

gobuster vhost -u http://oouch.htb:5000/ -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt | tee gobuster-vhosts.txt
wfuzz  --hh 0 --hc 302 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt  -H 'Host: FUZZ.oouch.htb' -u http://oouch.htb:5000/

hacking

62 Words

2020-04-14 10:51 +0000