kali@kali:~$ dirb
dirb <url_base> [<wordlist_file(s)>] [options]
========================= NOTES =========================
<url_base> : Base URL to scan. (Use -resume for session resuming)
<wordlist_file(s)> : List of wordfiles. (wordfile1,wordfile2,wordfile3...)
...
======================== OPTIONS ========================
...
-X <extensions> / -x <exts_file> : Append each word with this extensions.
-z <millisecs> : Add a milliseconds delay to not cause excessive Flood.
======================== EXAMPLES =======================
dirb http://url/directory/ (Simple Test)
dirb http://url/ -X .html (Test files with '.html' extension)
dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt (Test with apache.txt wordlist)
dirb https://secure_url/ (Simple Test with SSL)
Information Disclosure
These are issues where unnecessary information is provided. Example: login page informing of the correct/incorrect usernamed and/or password.
In the above example, this error allows us to enumerate valid usernames.
is a robust platform that can perform security testing of web applications. It includes several tools that can help identify web application vulnerabilities. There's a simplified free version available, but the professional/commercial version offers more comprehensive tools.
(ZAP) is a free, open-source web application security scanner. It includes features to allow automated and manual testing for web application vulnerabilities.
has several versions of its debugging proxy tool. While this tool can capture and inspect HTTP traffic, it does not include any security tools.
is a content scanner that uses a wordlist to discover web resources through brute forcing.
is a multi-threaded content scanner. It can be run with a GUI or headless. It is typically included in Kali Linux by default.
is a brute forcing tool written in Go, which usually makes it more performant than DIRB or DirBuster. Gobuster also supports enumerating DNS subdomains, and and buckets.
is a web crawler that discovers URLs and JavaScript files.
is a comprehensive commercial vulnerability scanning tool. It can identify a variety of vulnerabilities and provides detailed reports and remediation recommendations.
provides a selection of security tools, including commercial cloud security, compliance, and scanning services.
is an open source vulnerability scanner maintained by .
is a free, open source web server scanner that can conduct comprehensive tests against web servers for various vulnerabilities.
is a web application brute forcing tool. We can use it for content discovery, fuzzing, or more advanced attacks.
is a web application brute forcing tool similar to Wfuzz, but written in Go.
is a tool for discovering and exploiting SQL injection vulnerabilities in a variety of database servers.
(MSF) is a pentesting framework with scanning and exploitation capabilities. While maintained by , it is frequently updated with new exploits by the community. For more information on using the Metasploit Framework, refer to OffSec's (MSFU).
