Consider
1) view page source
2) robots.txt
3) search all interesting names in google
3) use dirb to get all pages list
4) check for url's
5) intercept the page in burpsuite & send it to repeater (check response)
6) if there is a input box --> might be a terminal
7) Note down all URL's - might be any encryption code
8) always try to bruteforce -- use cupp -i
9) dig into all the folders always
10) see for flags in every page
11) check multiple times.. order is imp sometimes
13) consider all names and try them to login
14) check /license.txt for version numbers
Use online decoders --> https://2cyr.com/decode/
1) view page source
2) robots.txt
3) search all interesting names in google
3) use dirb to get all pages list
4) check for url's
5) intercept the page in burpsuite & send it to repeater (check response)
6) if there is a input box --> might be a terminal
7) Note down all URL's - might be any encryption code
8) always try to bruteforce -- use cupp -i
9) dig into all the folders always
10) see for flags in every page
11) check multiple times.. order is imp sometimes
13) consider all names and try them to login
14) check /license.txt for version numbers
Use online decoders --> https://2cyr.com/decode/
Comments
Post a Comment