The text from this page can be cleanly downloaded to your terminal directly using the following command: curl -s https://harfordcda.neocities.org/web_enum.html | sed 's/<[^>]*>//g ; /^$/d'| tr -s '\n' '\n' | sed -r /^r?$/d Linux PrivEsc SMB and RPC Enumeration #################################### What services are running on the site? #################################### whatweb "site" -v curl -I -X HEAD -A "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.0)" http:// #################################### Nmap has very robust options for getting specific details on running services, to view avilable nmap NSE scripts for web enumeration: ls /usr/share/nmap/scripts | grep http nmap --script-help "discovery" #################################### Other web enumeration non-specific perl .uniscan.pl -u "site" -qweds nikto -h site #################################### Brute forcing for directories: #################################### git clone https://github.com/danielmiessler/SecLists; cd seclists; ls -al git clone https://github.com/OJ/gobuster gobuster dir -e -u http://site/ --timeout 60s -t 100 -w seclists/Discovery/Web-Content/big.txt -x php,pdf,txt,html,js,php5, #################################### git clone https://github.com/maurosoria/dirsearch; cd dirsearch; python3 dirsearch.py -u http://site -e php,asp,txt,pdf,sql #################################### dirb http://url/ ####################################
Web enumeration/Application testing manuals and books