80 Yaml

2021-08-15 14:08:52 -04:00 · 2021-08-15 14:08:52 -04:00 · 5cb5fb3ed9
commit 5cb5fb3ed9
parent 3f06798973
1 changed files with 46 additions and 39 deletions
--- a/pentesting/pentesting-web/README.md
+++ b/pentesting/pentesting-web/README.md
@ -375,53 +375,60 @@ Protocol_Name: Web    #Protocol Abbreviation if there is one.
 Port_Number:  80,443     #Comma separated if there is more than one.
 Protocol_Description: Web         #Protocol Abbreviation Spelled out

-Name: Notes
-Description: Notes for Web
-Note: """
-The web service is the most common and extensive service and a lot of different types of vulnerabilities exists.
+Entry_1:
+  Name: Notes
+  Description: Notes for Web
+  Note: |
+    The web service is the most common and extensive service and a lot of different types of vulnerabilities exists.

-https://book.hacktricks.xyz/pentesting/pentesting-web
-"""
+    https://book.hacktricks.xyz/pentesting/pentesting-web

-Name: Quick Web Scan
-Description: Nikto and GoBuster
-Command: """nikto -host {Web_Proto}://{IP}:{Web_Port} &&&& gobuster dir -w {Small_Dirlist} -u {Web_Proto}://{IP}:{Web_Port} && gobuster dir -w {Big_Dirlist} -u {Web_Proto}://{IP}:{Web_Port}"""
+Entry_2:
+  Name: Quick Web Scan
+  Description: Nikto and GoBuster
+  Command: nikto -host {Web_Proto}://{IP}:{Web_Port} &&&& gobuster dir -w {Small_Dirlist} -u {Web_Proto}://{IP}:{Web_Port} && gobuster dir -w {Big_Dirlist} -u {Web_Proto}://{IP}:{Web_Port}

-Name: Nikto
-Description: Basic Site Info via Nikto
-Command: """nikto -host {Web_Proto}://{IP}:{Web_Port}"""
+Entry_3:
+  Name: Nikto
+  Description: Basic Site Info via Nikto
+  Command: nikto -host {Web_Proto}://{IP}:{Web_Port}

-Name: WhatWeb
-Description: General purpose auto scanner
-Command: """whatweb -a 4 {IP}"""
+Entry_4:
+  Name: WhatWeb
+  Description: General purpose auto scanner
+  Command: whatweb -a 4 {IP}

-Name: Directory Brute Force Non-Recursive
-Description:  Non-Recursive Directory Brute Force
-Command: """gobuster dir -w {Big_Dirlist} -u {Web_Proto}://{IP}:{Web_Port}"""
+Entry_5:
+  Name: Directory Brute Force Non-Recursive
+  Description:  Non-Recursive Directory Brute Force
+  Command: gobuster dir -w {Big_Dirlist} -u {Web_Proto}://{IP}:{Web_Port}

-Name: Directory Brute Force Recursive
-Description: Recursive Directory Brute Force
-Command: """python3 {Tool_Dir}dirsearch/dirsearch.py -w {Small_Dirlist} -e php,exe,sh,py,html,pl -f -t 20 -u {Web_Proto}://{IP}:{Web_Port} -r 10"""
+Entry_6:
+  Name: Directory Brute Force Recursive
+  Description: Recursive Directory Brute Force
+  Command: python3 {Tool_Dir}dirsearch/dirsearch.py -w {Small_Dirlist} -e php,exe,sh,py,html,pl -f -t 20 -u {Web_Proto}://{IP}:{Web_Port} -r 10

-Name: Directory Brute Force CGI
-Description: Common Gateway Interface Brute Force
-Command: """gobuster dir -u {Web_Proto}://{IP}:{Web_Port}/ -w /usr/share/seclists/Discovery/Web-Content/CGIs.txt -s 200"""
+Entry_7:
+  Name: Directory Brute Force CGI
+  Description: Common Gateway Interface Brute Force
+  Command: gobuster dir -u {Web_Proto}://{IP}:{Web_Port}/ -w /usr/share/seclists/Discovery/Web-Content/CGIs.txt -s 200

-Name: Nmap Web Vuln Scan
-Description: Tailored Nmap Scan for web Vulnerabilities
-Command: """nmap -vv --reason -Pn -sV -p {Web_Port} --script=`banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)` {IP}"""
+Entry_8:
+  Name: Nmap Web Vuln Scan
+  Description: Tailored Nmap Scan for web Vulnerabilities
+  Command: nmap -vv --reason -Pn -sV -p {Web_Port} --script=`banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)` {IP}

-Name: Drupal
-Description: Drupal Enumeration Notes
-Notes: """
-git clone https://github.com/immunIT/drupwn.git for low hanging fruit and git clone https://github.com/droope/droopescan.git for deeper enumeration
-"""
+Entry_9:
+  Name: Drupal
+  Description: Drupal Enumeration Notes
+  Notes: |
+    git clone https://github.com/immunIT/drupwn.git for low hanging fruit and git clone https://github.com/droope/droopescan.git for deeper enumeration
+
+Entry_10:
+  Name: WordPress
+  Description: WordPress Enumeration with WPScan
+  Command: |
+    ?What is the location of the wp-login.php? Example: /Yeet/cannon/wp-login.php
+    wpscan --url {Web_Proto}://{IP}{1} --enumerate ap,at,cb,dbe && wpscan --url {Web_Proto}://{IP}{1} --enumerate u,tt,t,vp --passwords {Big_Passwordlist} -e

-Name: WordPress
-Description: WordPress Enumeration with WPScan
-Command: """
-?What is the location of the wp-login.php? Example: /Yeet/cannon/wp-login.php
-wpscan --url {Web_Proto}://{IP}{1} --enumerate ap,at,cb,dbe && wpscan --url {Web_Proto}://{IP}{1} --enumerate u,tt,t,vp --passwords {Big_Passwordlist} -e
-"""
 ```
-