A Guide To Director Enumeration and Content Discovery
A post far too long for email
Hello, Hoodies!
It’s been FAR TOO LONG since we had a paid post.
Let’s get back to it with a BANG.
For those following along on the Red Team Series, this is going to be a great addition to your toolbox.
Directory enumeration is key in any pentest and is common place in many CTFs so don’t miss this one!
But first, we still have the Bootcamp Giveaway going on!
Every dollar spent on the substack is an entry to win! The winner will be announced on Christmas Day.
So upgrade to a PAID HOODIE in the STACK and enter to win!
And speaking of bootcamps, keep an eye on your inbox for the announcement of a January Cohort 👀
(preregister here - https://bowtiedcyber.gumroad.com/l/mpqng)
Now, here’s Hoodie X on this VERY long overdue post:
Hey there Hoodies!
I hope you all are doing well. In my last article, I told you about explaining the Directory enumeration and content discovery process. Wait no more, you have it. This article will be entirely devoted to Web Content Discovery. We are going to use multiple tools and techniques for discovering web content. Let’s get into it.
Preparation
For this article, we will be using several labs from tryhackme. They will be the DVWA and OWASP Mutillidae II, both labs can be used for free. All you need is just a tryhackme account. Download your VPN config and connect using openvpn.
Now start both DVWA and Multilldae.
Wait for the machine to be ready. And when it is let’s go.