-
Enumerating the Kioptrix 1 machine, the default scan of
`ffuf -w -u http:///FUZZ`
doesn't return all the directories, some are clearly missing
for some reason adding a slash after FUZZ (not menti…
-
I know there's `--curl.path`, but it doesn't seem to reflect on... well, anywhere other than curl. Everything else, including the dirbuster plugin, still goes for the target domain only. Would be nice…
-
```
What steps will reproduce the problem?
1. Run Forced Browsing on a site.
2. No activity is shown in the bottom pane (ForcedBrowse.jpg).
What is the expected output? What do you see instead?
…
-
I'm very interested in having `http-enum` replace gobuster.
I'm attempting to use the lua fingerprint database described [here](https://github.com/nmap/nmap/issues/2251#issuecomment-781040281), and…
-
It's highly likely that someone running dirbuster on a .php file will cause issues, so we should add pow to web challenges too.
this can be done by wrapping the call to nsjail:
https://github.com/…
-
As it stands, a malicious person could use a tool like dirbuster to discover the directory tree structure of directories being served by Grove. They could do this by finding `403: Forbidden` messages,…
-
I'm using version 2.3.3, and when I try to import a very large wordlist (100million lines and more,) after a very long wait, wfuzz stops and sends out the word "Killed."
This also occurs when I try t…
-
### Athena OS version
athena os v23.06.03
### Which environment or technology are you using?
- [ ] Baremetal
- [ ] VirtualBox Virtual Machine
- [X] VMware Virtual Machine
- [ ] Hyper-V Virtual Mach…
-
https://app.hackthebox.com/challenges/baby%2520interdimensional%2520internet
-
```
What steps will reproduce the problem?
1. Run Forced Browsing on a site.
2. No activity is shown in the bottom pane (ForcedBrowse.jpg).
What is the expected output? What do you see instead?
Acti…