🌐Reconocimiento
Enumeración de Dominio Web
ffuf -u <http://web.com/FUZZ> -w <wordlist> -o <file>ffuf -w <wordlist> -H "Host: FUZZ.web.com" -u http://web.com -fs <size>ffuf -w <wordlist> -u http://web.com/script.php?FUZZ=test -fs <size>ffuf -w <wordlist> -u http://web.com/script.php?parameter=FUZZ -fc <code>gobuster dir -u <IP> -w <wordlist_path> -t 50 -x .php,.txt,.html -o scan-dirsgobuster dns -d <url> -w <wordlist> -i # Subdominiosgobuster vhost -u <url> -w <wordlist> -r # Virtual hostingJuicy endpoints
/var/lib/jenkins/config.xml
/var/lib/jenkins/users/users.xml
/var/lib/jenkins/users/user/conf.xml
/manage/script # revshellDomain Zone Transfer (AXFR)
dig @<IP> <domain-name> axfrÚltima actualización