Day 36 – Directory Bruteforce | Complete Beginner Guide

📂 Day 36: Directory Bruteforce

Bug hunting me kai baar vulnerabilities hidden directories me milti hain.

Website ka jo part user ko dikhta hai, wo sirf surface hota hai.
Real interesting cheezein aksar hidden folders me hoti hain 🔥

Is process ko kehte hain:

Directory Bruteforce (ya Directory Enumeration)

🧠 Directory Bruteforce Kya Hota Hai?

Directory Bruteforce ka matlab hai:

✔ Website ke hidden folders aur files ko identify karna
✔ Guess karna ki kaun se common paths exist kar sakte hain
✔ Unko check karna ki accessible hain ya nahi

Example website:

example.com

Possible hidden paths:

example.com/admin
example.com/login
example.com/backup
example.com/dev
example.com/config

Agar ye public accessible ho gaye → vulnerability mil sakti hai.

🎯 Ye Important Kyu Hai?

Developers kabhi-kabhi:

  • Test folders delete nahi karte

  • Backup files server par chhod dete hain

  • Old admin panels remove nahi karte

Ye sab hidden entry points ban jate hain.

🔍 Directory Bruteforce Ka Concept

Is technique me:

  1. Ek wordlist use hoti hai (common folder names ki list)

  2. Tool ya manual method se check kiya jata hai

  3. Server response observe kiya jata hai

Response types:

  • 200 OK → Folder exist karta hai

  • 403 Forbidden → Exist karta hai but restricted

  • 404 Not Found → Exist nahi karta

Yahi se hidden paths milte hain.

🛠 Common Targets

Bug hunters commonly search karte hain:

✔ /admin
✔ /dashboard
✔ /backup
✔ /test
✔ /old
✔ /staging
✔ /api
✔ /config

Kabhi-kabhi:

✔ .zip files
✔ .bak files
✔ .sql backup files

Publicly accessible mil jate hain.

🌐 Real-World Thinking

Maan lo aap kisi company ka program test kar rahe ho.

Example large tech companies jaise:

Google
Facebook

Inke thousands endpoints hote hain.

Agar kisi subdomain me:

/dev

folder accidentally public ho jaye, to waha sensitive information mil sakti hai.

🧩 Directory Bruteforce Ke Baad Kya Kare?

Agar koi folder milta hai:

  1. Uska content analyze karo

  2. Login required hai ya nahi check karo

  3. Sensitive files exposed hain ya nahi dekho

  4. Access control test karo

⚠ Legal Warning

Directory Bruteforce sirf:

✔ Authorized bug bounty program me
✔ Apni lab environment me
✔ Legal permission ke sath

Karein.

Unauthorized scanning illegal ho sakta hai.

🧠 Beginner Mistakes

❌ Sirf homepage test karna
❌ Response codes ignore karna
❌ 403 ko ignore kar dena (kabhi-kabhi interesting hota hai)
❌ Documentation maintain na karna

🔥 Pro Tip

Har discovered path ko document karo:

  • URL

  • Status code

  • Response size

  • Interesting keywords

Professional bug hunters structured notes maintain karte hain.

🔁 Revision Points

  • Directory Bruteforce = Hidden folders find karna

  • Wordlist based guessing hota hai

  • 200, 403, 404 responses important hote hain

  • Dev/test/backup folders common weak points hain

  • Legal permission mandatory hai

⬅ Previous Day                       

                               Next Day ➡