⌘Ctrlk

Burp

https://portswigger.net/burp/documentation/desktop/getting-started/proxy-setup/certificate/firefox

Steps to import for SSL

Run Burp
Open http://burpsuite
Download the Certificate (top-right)
Import into Firefox
- Settings > Certificates > Import

Url Encode

Burp highlight.. and Ctrl-U ..to url encode a section!

Spider

Wont find hidden pages, but will pull obscure/linked ones

Target > Site Map > Spider This Host

app.js  ..send to repeater

../partials/admin.html      ..found: Download-Backups
../api/users                ..found: password/hashes on page

Discovery

Scenario: gobuster is blocked
Grab the User-Agent String, and re-use with goboster

Previous*Favorites NextDirb nikto wpscan etc

Last updated 2 years ago