adding web recon

README.md

@@ -421,22 +421,44 @@ Mysql Open to wild
 mysql -h Target_ip -u root -p
 ```
 
-### Try Local default Root access Windows
+## MSSQL
 
-TODO!
+### MSQL Information Gathering
 
-### Try Local default Root access Linux
+```
+nmap -p 1433 --script ms-sql-info,ms-sql-empty-password,ms-sql-xp-cmdshell,ms-sql-config,ms-sql-ntlm-info,ms-sql-tables,ms-sql-hasdbaccess,ms-sql-dac,ms-sql-dump-hashes --script-args mssql.instance-port=1433,mssql.username=sa,mssql.password=,mssql.instance-name=MSSQLSERVER $ip
+```
 
-TODO! 
+# Web Enumeration
 
-##
+## Dirsearch
 
-## MSSQL
 
-### MSQL Information Gathering
+```shell
+dirsearch -u target.com -e sh,txt,htm,php,cgi,html,pl,bak,old
+```
 
+```shell
+dirsearch -u target.com -e sh,txt,htm,php,cgi,html,pl,bak,old -w path/to/wordlist
 ```
-nmap -p 1433 --script ms-sql-info,ms-sql-empty-password,ms-sql-xp-cmdshell,ms-sql-config,ms-sql-ntlm-info,ms-sql-tables,ms-sql-hasdbaccess,ms-sql-dac,ms-sql-dump-hashes --script-args mssql.instance-port=1433,mssql.username=sa,mssql.password=,mssql.instance-name=MSSQLSERVER $ip
+
+```shell
+dirsearch -u https://target.com -e .
+```
+## dirb
+
+```shell
+dirb http://target.com /path/to/wordlist
+```
+
+```shell
+dirb http://target.com /path/to/wordlist -X .sh,.txt,.htm,.php,.cgi,.html,.pl,.bak,.old
+```
+
+## Gobuster
+
+```shell
+gobuster -u https://target.com -w /usr/share/wordlists/dirb/big.txt
 ```
 
 ##