OSCP tool question
mabraFoo
Member Posts: 23 ■□□□□□□□□□
-Please keep responses on topic- 
I started the OSCP a while ago with no pen testing experience and don't work with any security folks. I don't know if this tool exists, but if it does, I am dying to use it.
Suppose a server is vulnerable to a particular url path.
softwarename/xyz_softwarename.php?something=blah
But the url path is hidden under a directory called secret or hidden.
To be able to find it you first need to use dirbuster or dirb using a wordlist containing secret/hidden. Then use wfuzz or nikto.
As far as I know, beef, wfuzz, and nikto won't be of any use because they won't expect the url path to be under an unusual directory.
Basically I am looking for a dirb + wfuzz hybrid. Maybe one of these tools already does this. Feel free to message me if you don't want to share too much info with the internet.
I started the OSCP a while ago with no pen testing experience and don't work with any security folks. I don't know if this tool exists, but if it does, I am dying to use it.
Suppose a server is vulnerable to a particular url path.
softwarename/xyz_softwarename.php?something=blah
But the url path is hidden under a directory called secret or hidden.
To be able to find it you first need to use dirbuster or dirb using a wordlist containing secret/hidden. Then use wfuzz or nikto.
As far as I know, beef, wfuzz, and nikto won't be of any use because they won't expect the url path to be under an unusual directory.
Basically I am looking for a dirb + wfuzz hybrid. Maybe one of these tools already does this. Feel free to message me if you don't want to share too much info with the internet.
Comments
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GCWN | Linux+
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
In addition, nikto comes with a "dictionary" plugin that should help with the discovery of such directories.