URL & App Scan
In order to be able to identify vulnerabilities within an application, URLs is a good place to start. In a black box testing the urls will not be revealed and it has to be determined. The following tools can be used for either checking for URLs from a predefined list.
DIRB
In the following command a wordlist is also supplied. In case of no wordlist, dirb will use a default one.
Gobuster
The below command can be used for enumerating URLs,
The following command can be used for enumerating parts of an URL,
dir - Enumerate the directories
dns - DNS subdomain enumeration
s - The status codes that the scan should return
z - No progress, don't display it
e - Expanded mode, print complete url
x - Extensions to search for
Nikto
Nikto does a general scan of the webserver for vulnerabilities and some of the obvious urls that may be vulnerable,
Whatweb
Whatweb identifies the web technologies used in a website. It can also identify content management systems, javascripts, web servers, etc.
Last updated