Book Image

Kali Linux Intrusion and Exploitation Cookbook

By : Dhruv Shah, Ishan Girdhar
Book Image

Kali Linux Intrusion and Exploitation Cookbook

By: Dhruv Shah, Ishan Girdhar

Overview of this book

With the increasing threats of breaches and attacks on critical infrastructure, system administrators and architects can use Kali Linux 2.0 to ensure their infrastructure is secure by finding out known vulnerabilities and safeguarding their infrastructure against unknown vulnerabilities. This practical cookbook-style guide contains chapters carefully structured in three phases – information gathering, vulnerability assessment, and penetration testing for the web, and wired and wireless networks. It's an ideal reference guide if you’re looking for a solution to a specific problem or learning how to use a tool. We provide hands-on examples of powerful tools/scripts designed for exploitation. In the final section, we cover various tools you can use during testing, and we help you create in-depth reports to impress management. We provide system engineers with steps to reproduce issues and fix them.
Table of Contents (18 chapters)
Title Page
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Customer Feedback
Preface

Discovering hidden files/directories using DirBuster


In this recipe, we will learn to use the tool. The DirBuster tool looks for hidden directories and files on the web server. Sometimes, developers will leave a page accessible but unlinked; DirBuster is meant to find these files, which might have potential vulnerabilities. This is a Java-based application developed by awesome contributors at OWASP.

Getting ready

For this recipe, you will require an Internet connection.

How to do it...

  1. Launch DirBuster from the Kali Linux | Web Application Analysis | Web Crawlers and Directory Brute | Dirbuster, as shown in the following screenshot:

 

  1. Open and enter your target URL; in our case, we will enter http://demo.testfire.net for the purpose of demonstration, as shown in the following screenshot:

 

  1. Select list based brute force. Browse and navigate to /usr/share/dirbuster/wordlists and select directory_list_medium.txt, as shown in the following screenshot:

 

  1. Click on Select List and enter php (based...