From the course: Ethical Hacking: Enumeration
Join today to access over 24,800 courses taught by industry experts.
Enumerating hidden webpages
From the course: Ethical Hacking: Enumeration
Enumerating hidden webpages
- [Instructor] Spidering is fine for pages linked to the main web route, but we also need to find those pages that aren't. For that, we can use one of a number of tools, the main ones being DIRB, DirBuster, and Gobuster. Let's look at a couple of these. DIRB by default uses its own small dictionary of webpages, which can be used as a first-pass enumeration. Like Gobuster and DirBuster, it also gives us the option of specifying a wordless file and selecting specific file extensions to search for. Let's run DIRB in its simplest form, dirb http://10.0.2.8. The default dictionary for DIRB is in alphabetical order, and we can see the current word list being tested. We can see it's quickly found a number of files and folders at the top level. Once the top level structure and files have been listed, DIRB starts enumerating the folders, and providing a second level of enumeration, and this goes on until all folders and subfolders…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.