Create file with hostnames from website with cewl, then scan the webserver for vhosts with Metasploit vhost_scanner to find hidden virtual hosts on webserver. #infosec #hacking #pentest #pentesting #redteam #hackthebox #ctf #linux4hackers

We start to collect possible hostnames from websites with Cewl cewl http://10.10.10.1 -w cewl.txt You can also use some other switches like -d = deph to look on the website for words -m = minimum wordlengh -w = outputfiel So that the final command can look like this: cewl http://10.10.10.1 -d 5 -w cewl.txt When […]