Day 5 #100cyberdays 🎯

TryHackMe - Content Discovery

🔴 Content can take various forms, such as files, videos, pictures, backups, and website features. Content discovery refers to finding elements that may not be readily visible on a website and were not originally meant for public access. This includes items like internal pages for staff, older website versions, backup files, configuration files, administration panels, and more.

🔴 There are three primary methods of discovering content on a website:

1.Manual discovery: This involves manually searching through the website and its directories to find hidden or obscure content.

💠 (Robot.txt, Favicon, Sitemap.xml, HTTP Header, Framework Stack)

2.Automated discovery: Using automated tools or scripts to scan the website for potential hidden content and vulnerabilities.

💠 (ffuf, dirb, gobuster)

3.OSINT (Open-Source Intelligence): Employing publicly available information from various sources to gather insights and potentially uncover hidden content.

💠(Google hacking, Wappaalyzer, Wayback Machine, AWS S3 Bucket, Github)

🔴 By employing these methods, individuals can uncover valuable information and gain access to content that may not be immediately visible or intended for public consumption on a website.

TryHackMe | Content DiscoveryLearn the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities.

Page updated

Google Sites

Report abuse