coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #582 from vgeorgiev90/master

Browse Source 
Adding Vhost scanning with ffuf to hacktricks automatic commands
This commit is contained in:
Carlos Polop 2023-02-15 09:59:11 +01:00 committed by GitHub
commit 32cf3387e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
network-services-pentesting/pentesting-web/README.md
View File

@ -416,6 +416,11 @@ Entry_11:
Name: WordPress Hydra Brute Force
Description: Need User (admin is default)
Command: hydra -l admin -P {Big_Passwordlist} {IP} -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'
Entry_12:
Name: Ffuf Vhost
Description: Simple Scan with Ffuf for discovering additional vhosts
Command: ffuf -w {Subdomain_List}:FUZZ -u {Web_Proto}://{Domain_Name} -H "Host: FUZZ.{Domain_Name}" -c -mc all {Ffuf_Filters}
```
<img src="../../.gitbook/assets/i3.png" alt="" data-size="original">\