Hunting Sensitive Web Files

Hunting Sensitive Web Files

Something I like to do when testing a web application is to look for sensitive files that have been placed in web-exposed directories. Application administrators sometimes leave files in places they shouldn’t that contain information which may help advance your attack chain. Source code, configuration files, and…

Continue Reading

Recursive gobuster script

Recursive gobuster script

I was working on some automated tasks to include in my workflow and realized I wanted to use gobuster for launching dictionary-based enumeration on targets. I was currently using dirb for this but gobuster seems to be the faster tool to use. I fell behind on my…

Continue Reading

Pulling web hosts from Nessus output

Pulling web hosts from Nessus output

I hacked a python script together to parse out web hosts (and their corresponding URLs) from nessus XML output. I’m using this as part of my pentesting workflow to feed to other web-based tools like, EyeWitness, Nikto, dirb, gobuster, etc. Feed it a single argument that points…

Continue Reading