Searching for open directories
In the previous recipe, we discussed how to find open ports on a network IP or domain name. We often see developers running web servers on different ports. Sometimes developers may also leave directories misconfigured that may contain juicy information for us. We have already covered dirsearch in the previous chapter; here we will look at alternatives.
The dirb tool
The dirb tool is a well-known tool that can be used to brute force open directories. Although it is generally slow and does not support multi-threading, it is still a great way to find directories/subdirectories that may have been left open due to a misconfiguration.
How to do it...
Type the following command to fire up the tool:
dirb https://domain.comThe following screenshot shows the output of the preceding command:
There's more...
There are other options in dirb, as well, that come in handy:
-a: to specify a user agent-c: to specify a cookie-H: to enter a custom header-X: to specify the file extension...
