This is a fuzzing challenge.
- Download a wordlist
- Use a program like
FFUF to see if common files exist in folder you are scanning.
First, let’s download Daniel Meissler's raft-small-words.txt, a very common wordlist that can be used to brute-force all kinds of things. Go to Daniel Meissler’s GitHub page and select the SecLists repo.
Click on Discovery
Click on web content
Find raft-small-words.txt
Click on ‘raw’
Copy the URL of the raw .txt file.
Then, in your working folder on Kali, wget this wordlist:
We can count how many lines are in this file using the wc (wordcount) program.
wc -l raft-small-word.txt