
IIS

nmap $IP -sV -O
whatweb $IP
http $IP
dirb http://$IP
browsh --startup-url http://$IP/Default.aspx
# Interesting folders
nmap $IP -sV -p 80 --script http-enum
# Check the response headers to verify whether XSS protection (X-XSS-Protection) is off
nmap $IP -sV -p 80 --script http-headers
# Replace $DIR with any folder, e.g. webdav ($PATH is not used here: it is the shell's executable search path)
nmap $IP -sV -p 80 --script http-methods --script-args http-methods.url-path=/$DIR/
# webdav
nmap $IP -sV -p 80 --script http-webdav-scan --script-args http-webdav-scan.path=/webdav/

WebDAV (Web Distributed Authoring and Versioning) is a set of extensions to the Hypertext Transfer Protocol (HTTP) that lets user agents collaboratively author content directly on an HTTP web server. It provides facilities for concurrency control and namespace operations, so the Web can be treated as a writeable, collaborative medium rather than a read-only one.
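
The method and WebDAV checks above come down to reading the `Allow` and `DAV` headers of an OPTIONS response. As an added example (not from the original page), this Python code parses such a response and lists the state-changing methods a path advertises, so an administrator can decide whether authoring should be restricted or disabled there. The function names and both sample responses are constructed for illustration.

```python
# Added example: triage WebDAV exposure from the headers of an OPTIONS response.
# Both sample responses are constructed, not captured from a real server.

# State-changing methods: HTTP's PUT/DELETE plus the WebDAV set from RFC 4918.
WRITE_METHODS = {"PUT", "DELETE", "MKCOL", "COPY", "MOVE", "PROPPATCH", "LOCK", "UNLOCK"}
DAV_ONLY_METHODS = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}

WEBDAV_ON = (
    "HTTP/1.1 200 OK\r\n"
    "Allow: OPTIONS, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK\r\n"
    "DAV: 1,2\r\n"
    "MS-Author-Via: DAV\r\n"
    "\r\n"
)
WEBDAV_OFF = (
    "HTTP/1.1 200 OK\r\n"
    "allow: OPTIONS, GET, HEAD, POST\r\n"
    "Public: OPTIONS, GET, HEAD, POST\r\n"
    "\r\n"
)

def parse_options_headers(raw):
    """Return (advertised methods, DAV compliance classes) from a raw header block."""
    methods, dav_classes = set(), []
    for line in raw.splitlines()[1:]:        # skip the status line
        if not line.strip():
            break                            # blank line ends the headers
        name, _, value = line.partition(":")
        tokens = [t.strip() for t in value.split(",") if t.strip()]
        name = name.strip().lower()          # header names are case-insensitive
        if name in ("allow", "public"):      # Public is non-standard but some servers send it
            methods.update(t.upper() for t in tokens)
        elif name == "dav":
            dav_classes.extend(tokens)
    return methods, dav_classes

def assess(raw):
    """Summarise exposure. Advertised is not the same as permitted: treat as a triage signal."""
    methods, dav_classes = parse_options_headers(raw)
    writable = sorted(methods & WRITE_METHODS)
    return {
        "webdav_enabled": bool(dav_classes) or bool(methods & DAV_ONLY_METHODS),
        "dav_classes": dav_classes,
        "write_methods": writable,
        "verdict": "review" if writable else "ok",
    }

if __name__ == "__main__":
    for label, raw in (("webdav on", WEBDAV_ON), ("webdav off", WEBDAV_OFF)):
        print(label, assess(raw))
```

A "review" verdict means the path advertises write-capable methods; whether they succeed still depends on the server's authentication and authorization rules.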