Back to all walkthroughs
Content Discovery
Premium roomLearn the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities.
easy
30 min
265,189
To access material, start machines and answer questions login.
Firstly, we should ask, in the context of web application security, what is content? Content can be many things, a file, video, picture, backup, a website feature. When we talk about content discovery, we're not talking about the obvious things we can see on a website; it's the things that aren't immediately presented to us and that weren't always intended for public access.
This content could be, for example, pages or portals intended for staff usage, older versions of the website, backup files, configuration files, administration panels, etc.
There are three main ways of discovering content on a website which we'll cover. Manually, Automated and (Open-Source Intelligence).
Start the AttackBox (by clicking the blue "Start AttackBox" button), and the machine on this task.
This content could be, for example, pages or portals intended for staff usage, older versions of the website, backup files, configuration files, administration panels, etc.
There are three main ways of discovering content on a website which we'll cover. Manually, Automated and (Open-Source Intelligence).
Start the AttackBox (by clicking the blue "Start AttackBox" button), and the machine on this task.
Answer the questions below
What is the Content Discovery method that begins with M?
What is the Content Discovery method that begins with A?
What is the Content Discovery method that begins with O?
Ready to learn Cyber Security?
The Content Discovery room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in