Learn how to use Wfuzz to find web pages.
- [Instructor] The Kali repository…contains a tool called Wfuzz.…And while it's not specifically designed…to look for hidden pages,…we can use it to do this.…As Wfuzz runs, it replaces any reference…to the keyword fuzz by the value of a given payload.…A payload in Wfuzz is a source of input data.…The word file denotes that the expression fuzz…will be replaced with all word list entries in the file.…
Let's run this against Popcorn and see how it performs.…We'll use the C switch to get color output…to the different response codes…and we'll tell Wfuzz to ignore 404 page not founds…using the HC switch.…We can see Wfuzz is showing the commented lines of text…from the word file, as well as any valid folders it finds.…We can see cgi-bin, doc, test, torrent,…and a folder called rename.…
Wfuzz is very fast and it can be used…to get a top-level short list of URLs to test further.…As with tools such as Gobuster,…we can use the minus T switch to set the number of threads.…When using a file for fuzzing,…we can take a shortcut and just use the minus W switch…
- Using Masscan for rapid full-service scanning
- Passive scanning with Shodan
- Using Nmap scripts
- Scanning with Reconnoitre and Vanquish
- Diagnosing uncommon ports
- Enumerating Drupal, WordPress, and Joomla sites
- Enumerating in the Linux shell
- Using the JAWS PowerShell script
Skill Level Advanced
Ethical Hacking: Penetration Testingwith Lisa Bock1h 29m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
1. Identifying Services
2. Enumerating Services
3. Enumerating Web Servers
4. Further Enumeration
Enumerating inside Windows4m 41s
What's next1m 39s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.