🎉

ペネトレ基礎

2022/10/15に公開約900字

NMAP

nmap flag Description
-sV Attempts to determine the version of the services running
-p <x> or -p- Port scan for port <x> or scan all ports
-Pn Disable host discovery and just scan for open ports
-A Enables OS and version detection, executes in-build scripts for further enumeration
-sC Scan with the default nmap scripts
-v Verbose mode
-sU UDP port scan
-sS TCP SYN port scan

nmap -n -p-

GoBuster

URI(ディレクトリとファイル)、DNSサブドメイン、仮想ホスト名をブルートフォースするために使用されるツールです。
sudo apt-get install gobuster

GoBuster flag Description
-e Print the full URLs in your console
-u The target URL
-w Path to your wordlist
-U and -P Username and Password for Basic Auth
-p <x> Proxy to use for requests
-c <http cookies> Specify a cookie for simulating your auth
-O os scan

gobuster dir -u http://<ip> -w /usr/share/wordlist

PHP

.php .php3 .php4 .php5 .php7 .pht .phtml
https://blog.hamayanhamayan.com/entry/2021/12/18/132236

Discussion

ログインするとコメントできます