General
Before exploiting web vulnerabilities, information gathering is key.
Using proxies, directory enumeration, and version control leaks, you can identify potential entry points or secrets in a challenge’s web application.

| Task | Tool / Command |
| --- | --- |
| Intercept & modify requests | Burp Suite, OWASP ZAP, Caido |
| Check sensitive files | `/robots.txt`, `/.git/`, `/.DS_Store` |
| Dump leaked Git repos | git-dumper, GitTools |

| Tool | Purpose |
| --- | --- |
| Burp Suite | Comprehensive web proxy and exploitation suite |
| OWASP ZAP | Open‑source proxy for scanning and fuzzing |
| Caido | Modern proxy alternative with clean UI |
| GitTools | Download and recover .git repository leaks |
| git-dumper | Clone .git directories exposed via web |

- Always begin by mapping the site using a proxy.
- Test direct file access (`robots.txt`, `.env`, `.git/HEAD`, `.htaccess`).
- Reconstruct repositories found online via `.git`.
- Check for API endpoints or commented URLs in HTML or JS source.
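
The same checklist run from the defender's side, as an added example that is not part of the original page: it audits a local deploy directory for the files listed above before the directory is published. The function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

SENSITIVE_NAMES = {".env", ".htaccess", ".DS_Store"}  # names from the checklist above
HEAD_RE = re.compile(r"^(ref: refs/\S+|[0-9a-f]{40})$")  # symbolic ref or detached commit id

def audit_webroot(root):
    """Return sorted (relative_path, reason) findings for a local document root."""
    findings = []
    rel = lambda p: os.path.relpath(p, root).replace(os.sep, "/")
    for dirpath, dirnames, filenames in os.walk(root):
        if ".git" in dirnames:
            dirnames.remove(".git")  # report once; skip the object store
            head = os.path.join(dirpath, ".git", "HEAD")
            try:
                with open(head, encoding="utf-8") as fh:
                    ok = bool(HEAD_RE.match(fh.read().strip()))
            except OSError:
                ok = False
            findings.append((rel(head), "git repository" if ok else "stray .git directory"))
        for name in filenames:
            path = os.path.join(dirpath, name)
            if name in SENSITIVE_NAMES:
                findings.append((rel(path), "sensitive file"))
            elif name == "robots.txt":
                # Disallow entries tell every visitor which paths the owner wants hidden.
                with open(path, encoding="utf-8") as fh:
                    for line in fh:
                        key, _, value = line.partition(":")
                        if key.strip().lower() == "disallow" and value.strip():
                            findings.append((rel(path), "advertises " + value.strip()))
    return sorted(findings)

def build_sample_webroot(root):  # constructed sample tree, not taken from a real site
    files = {"index.html": "<h1>ok</h1>",
             "robots.txt": "User-agent: *\nDisallow: /admin-backup/\nDisallow:\n",
             ".env": "DB_PASSWORD=placeholder\n",
             ".git/HEAD": "ref: refs/heads/main\n",
             "assets/.DS_Store": ""}
    for name, body in files.items():
        path = os.path.join(root, *name.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_webroot(tmp)
        print(*audit_webroot(tmp), sep="\n")
```

Any finding other than an intentional `robots.txt` entry means the file should be removed from the served directory or blocked at the web server before deployment.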