HTTP/S (Hypertext Transfer Protocol / Secure) #
At a Glance #
- HTTP: 80
- HTTPS (HTTP over TLS or SSL): 443
HTTP is an application-level protocol for distributed hypermedia information systems. It is the standard protocol that defines how messages are formatted and sent across the web.
HTTPS (Hypertext Transfer Protocol Secure) is an extension of HTTP. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). Therefore, the protocol is also referred to as HTTP over TLS or HTTP over SSL.
Banner Grabbing #
nc example.com 80
openssl s_client -connect example.com:443
s_client: SSL/TLS client program.
Directory Enumeration #
Included in Kali’s wordlists package
/dirbuster/directory-list-2.3-medium.txt( 1.9M - 220560 lines )
/dirbuster/directory-list-2.3-small.txt( 709K - 87664 lines )
/dirb/common.txt( 36K - 4614 lines )
/dirb/big.txt( 180K - 20469 lines )
gobuster dir -t 30 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u https://10.0.0.3/
dir: directory brute-forcing mode.
-t <n>: number of concurrent threads (default 10).
-w <wordlist>: path to the wordlist.
-u <URL>: target URL.
- Iterate over the results.
- Include status code 403 (Forbidden Error) and brutefoce these directories.
- Add more file extensions to search for; In
Source Code #
It is a good habit to take a quick look at the pages' source code, scripts, and console outputs.
View Source, context-click on the page and select
View Page Source or with the
Note: Many browsers include a powerful suite of tools, also known as devtools, to inspect and interact with the target website.
If the target uses an open-source app, downloading its codebase will provide helpful information about configuration files, open resources, default credentials, etc.
OpenSSL Foundation, Inc. “/Docs/Manmaster/Man1/Openssl.Html.” OpenSSL.Org, https://www.openssl.org/docs/manmaster/man1/openssl.html. ↩︎