A penetration tester is assessing a web application and suspects there are unlinked directories that are not discoverable by crawling the site. The tester needs to identify these hidden directories to search for sensitive information. Which of the following techniques is most effective for this purpose?
Executing SQL injection queries to enumerate database table names.
Exploiting a path traversal vulnerability to read system files.
Parsing the Disallow entries in the robots.txt file.
Performing forced browsing using a wordlist of common directory names.
Performing forced browsing, also known as directory enumeration or directory brute-forcing, is the most effective method for discovering unlinked or hidden web directories: the tester requests each name from a wordlist of likely directory names and notes which requests return something other than "not found". While parsing the robots.txt file can reveal some directories, it is not comprehensive, as administrators often omit sensitive paths from it to avoid drawing attention to them. SQL injection targets the back-end database, not the web server's file system directories. Path traversal is an attack used to access files and directories outside of the intended web root, not to discover unknown directory paths within the application structure.