Day 18, Web Reconnaissance Or Information Gathering — Part 3#100DaysofHacking

Get all the writeups from Day 1 to 17, Click Here Or Click Here.

In our previous blogs we learned about google dorking, scope discovery and how should we use target manually as a user, in this blog we’ll learn about some further techniques.

We have covered many techniques of scope discovery in our previous blog, today also in this we’ll cover about some more techniques. Let’s start

Directory Brute-Forcing

Directory Brute-Forcing is a technique of finding hidden directories which are available on the web server. There are many cases in which hackers find directories which contains very sensitive information like admin panels, password files, outdated functionalities , database copies etc.

But before performing this ,let me show you web server structure of https://passwdgen.000webhostapp.com/ , this is the website on which I’ll perform, it is only for understanding in easy way. For your testing I’ll provide others links on which you can perform.