OSCP tool question

mabraFoomabraFoo Member Posts: 23 ■□□□□□□□□□
-Please keep responses on topic- :)
I started the OSCP a while ago with no pen testing experience and don't work with any security folks. I don't know if this tool exists, but if it does, I am dying to use it.

Suppose a server is vulnerable to a particular url path.
softwarename/xyz_softwarename.php?something=blah

But the url path is hidden under a directory called secret or hidden.

To be able to find it you first need to use dirbuster or dirb using a wordlist containing secret/hidden. Then use wfuzz or nikto.

As far as I know, beef, wfuzz, and nikto won't be of any use because they won't expect the url path to be under an unusual directory.

Basically I am looking for a dirb + wfuzz hybrid. Maybe one of these tools already does this. Feel free to message me if you don't want to share too much info with the internet.

Comments

Sign In or Register to comment.