Commit 237573a3 authored by bobloblaw

Updates web-scanning.md

Auto commit by GitBook Editor
parent 484fa805
+10 −6
@@ -12,10 +12,7 @@ gobuster -u http://192.168.1.101 -w /usr/share/seclists/Discovery/Web_Content/co

## About

Dirbusting, Forced Browse or whatever you like to call it.

It is when you make requests to a site based on a dictionary in order to find files in directories that are not linked anywhere on the site. If they are linked a spider can easily find it. Otherwise you have to bruteforce it.

There is essentially no way for a user to know which files are found in which directories on a web-server, unless the whole server has directory listing by default. However, if you go directly to the page it will be shown. So what the attacker can do is to brute force hidden files and directories. Just test a bunch of them. There are several tools for doing this. The attack is of course very noisy and will show up fast in the logs.

### Dirb

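Review bot: In the About text, the paragraph starting "There is essentially no way for a user to know" restates what "It is when you make requests to a site based on a dictionary" already says, so if both survive this change the section explains the same thing twice; keep one explanation. The hunk also mixes "bruteforce" and "brute force" (pick one), and "has directory listing by default" reads better as "has directory listing enabled". The closing remark that the technique is noisy and shows up fast in the logs is the part most useful to readers on the defending side and should stay.
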
@@ -28,11 +25,11 @@ dirb http://target.com
### Dirbuster

It is a GUI
You start it with 
You start it with:

```
dirbuster
```
from the terminal

### OWASP ZAP

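Review bot: Under "### Dirbuster", "It is a GUI" is followed directly by "You start it with:" with no full stop or blank line, so Markdown renders them as one run-on paragraph, and "from the terminal" sits right after the closing fence as a dangling fragment. Suggest a single lead-in such as "Dirbuster is a GUI. Start it from the terminal with:" and dropping the trailing fragment.
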
@@ -52,6 +49,13 @@ wfuzz -h
wfuzz -c -z file,/root/.ZAP/fuzzers/dirbuster/directory-list-2.3-big.txt --sc 200 http://pegasus.dev:8088/FUZZ.php
```

### Gobuster 

```
# Gobuster - remove relevant responde codes (403 for example)
gobuster -u http://192.168.1.101 -w /usr/share/seclists/Discovery/Web_Content/common.txt -s '200,204,301,302,307,403,500' -e
```

## WAF - Web application firewall

It might be that dirb shows you 403 errors, instead of the expected 404. This might mean that there is a WAF protecting the site. To get around it we might have to change our request header to it looks more like a normal request.
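
Review bot: The comment in the new Gobuster block, "remove relevant responde codes (403 for example)", contradicts the command beneath it, whose -s list still contains 403; either drop 403 from the example or reword the comment to say the list should be trimmed to the status codes of interest. Also, "responde" should be "response", the "### Gobuster " heading carries trailing whitespace, and in the WAF paragraph "change our request header to it looks" should read "so it looks".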