DIRB
We use dirb to search for scan directories and look for files with different extensions in a web server.
Useful directories would be
http://172.104.180.76/phpinfo.php
http://172.104.180.76/robots.txt
Results:
i) If the php is not upgrade, it has the possibility to have security risk
ii) Review backup files for sensitive information. It isn’t uncommon to find unreferenced or forgotten files that can be used to obtain important information about the infrastructure or the credentials.
iii) Another source of clues about unreferenced directories is the /robots.txt
file used to provide instructions to web robots.
http://172.104.180.76/user/add-site.php
http://172.104.180.76/ | cat ../config.php