1. Enumeration:
- Nmap:
Web Enumeration:
- Visiting the website » nothing useful
wfuzz:
$ wfuzz -c --hc 404 -t 200 -w /usr/share/wordlists/dirb/common.txt http://bounty.htb/FUZZ
Gobuster:
Since it’s an IIS server, let’s look for aspx extensions:
$ gobuster dir -u http://bounty.htb -x aspx -w /usr/share/wordlists/dirb/common.txt -t 20
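
Seen from the server side, the two wordlist runs above appear in the IIS W3C log as a single client collecting a long run of 404s, many of them for `.aspx` paths. The following added example (not part of the original write-up) flags that pattern; the log lines, client addresses, reduced field set and thresholds are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed W3C log text: one ordinary browser and one path-guessing client."""
    lines = ["#Version: 1.0",
             "#Fields: date time cs-method cs-uri-stem c-ip sc-status",
             "2024-01-01 10:00:00 GET / 10.0.0.20 200",
             "2024-01-01 10:00:01 GET /favicon.ico 10.0.0.20 404"]
    for word in ["admin", "backup", "config", "login", "test", "upload"]:
        lines.append(f"2024-01-01 10:00:02 GET /{word} 10.0.0.99 404")
        lines.append(f"2024-01-01 10:00:02 GET /{word}.aspx 10.0.0.99 404")
    return "\n".join(lines)

def parse_w3c(text):
    """Yield one dict per request, named by the most recent #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def find_path_guessing(text, min_requests=10, min_404_ratio=0.8):
    """Return clients whose traffic is mostly 404s spread over many distinct paths.

    The thresholds are illustrative assumptions; tune them against real traffic.
    """
    stats = defaultdict(lambda: {"total": 0, "not_found": 0, "stems": set()})
    for row in parse_w3c(text):
        entry = stats[row["c-ip"]]
        entry["total"] += 1
        if row["sc-status"] == "404":
            entry["not_found"] += 1
            entry["stems"].add(row["cs-uri-stem"].lower())
    flagged = {}
    for ip, entry in stats.items():
        ratio = entry["not_found"] / entry["total"]
        if entry["total"] >= min_requests and ratio >= min_404_ratio:
            aspx = sum(1 for stem in entry["stems"] if stem.endswith(".aspx"))
            flagged[ip] = {"requests": entry["total"],
                           "distinct_404": len(entry["stems"]),
                           "aspx_404": aspx}
    return flagged

if __name__ == "__main__":
    for ip, summary in find_path_guessing(build_sample()).items():
        print(ip, summary)
```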