Port Scanning and Information Gathering With Nmap and Nikto | TryHackMe Probe

We covered scanning hosts for services, open ports, running software, hidden directories using scanning tools such as Nmap and Nikto. We gathered details such as the ports the webserver is running on, the version of the webserver, domain and email information, hidden directories, the PHP version and the content management system running on the machine. We also discovered ssh and FTP server along with other services running on non-standard ports. This was part of TryHackMe Probe.

Offensive Security Certified Professional Study Notes and Guide

This is a 1099 pages of notes that will guide and help you prepare for and pass the OSCP exam. When you buy this…

The Complete Practical Web Application Penetration Testing Course

Course Content: Introduction to Injection Vulnerabilities SQL Injection - Authentication Bypass SQL Injection - Error…

We used the below commands to run the Nmap scans:

nmap -p- -T4 IP

nmap -p80,1443,9007,443 -A IP

We also used the below commands to scan for hidden directories with gobuster

sudo dir gobuster -u http://IP:8000 -w /usr/share/wordlists/dirbuster/common.txt

We used Nikto and wpscan to reveal more detail about the webserver and the CMS

wpscan — url http://IP:9007 — enumerate ap,at,cb,dbe — disable-tls-checks

wpscan — url http://IP:9007 — enumerate u — disable-tls-checks

Full Writeup is here.

Video Walkthrough