You can add all exceptions you don't want to see behind --hc flag. --hc 429,502,404
or -fs
/usr/local/lib/python3.8/dist-packages/wfuzz/init.py:34: UserWarning:Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
gobuster dir -u <url> -w <wordlist.txt> -x <file_extensions>
Installation
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
echo 'export PATH=$PATH:~/go/bin' >> ~/.bashrc
# Use ~/.zshrc instead of bash if needed
Usage
Run nuclei on single host:
$ nuclei -target example.com
Run nuclei with specific template directories:
$ nuclei -target example.com -t http/cves/ -t ssl
Run nuclei against a list of hosts:
$ nuclei -list hosts.txt
Run nuclei with a JSON output:
$ nuclei -target example.com -json-export output.json
Run nuclei with sorted Markdown outputs (with environment variables):
$ MARKDOWN_EXPORT_SORT_MODE=template nuclei -target example.com -markdown-export nuclei_report/
Additional documentation is available at: https://docs.nuclei.sh/getting-started/running
Gathering URLs and JavaScript file locations with Hakrawler
echo https://google.com | hakrawler
cat urls.txt | hakrawler # Multiple urls
cat urls.txt | hakrawler -proxy http://localhost:8080 # Requests through a proxy
echo https://google.com | hakrawler -subs # Include subdomain
Subdomain Enumeration
gobuster dns -t 30 -w subdomains.txt -d example.com