Service Detection
Banner Grab
Technology Fingerprinting
whatweb
Wappalyzer
Browser extension — identifies CMS, frameworks, servers.Headers
Directory Busting
gobuster
| Flag | Description |
|---|---|
-x | Extensions |
-t 50 | Threads |
-o | Output file |
-k | Skip TLS verification |
-b 404,403 | Blacklist status codes |
feroxbuster
ffuf
dirsearch
Vhost / Subdomain Discovery
Parameter Fuzzing
robots.txt / sitemap.xml
Source Code
.git Exposure
.env / Backup Files
CMS Detection
WordPress
Joomla
Drupal
NSE Scripts
Quick Reference
| Check | Command |
|---|---|
| Fingerprint | whatweb http://TARGET |
| Directory bust | gobuster dir -u http://TARGET -w list.txt |
| Vhost enum | ffuf -H "Host: FUZZ.target.com" -u http://TARGET |
| WordPress scan | wpscan --url http://TARGET |
| Git dump | git-dumper http://TARGET/.git/ output/ |