Web servers are more or less like hard disk in our computers. We’ll have lots of files, folder, directories. Likewise some are public and some are private. Public files, directories are open to everyone but private ones are not. But privates files and directories are still find-able. And hackers can utilize these anytime to attack your site precisely.
Even if something like that doesn’t happen, it’s always a good practice to know what’s happening inside your webste or blog. So you need to know which files, directories are hidden in your web server and you need to manage them accordingly.
Here I’ll show you the easiest way to find hidden files and directories in your web server.
Find Hidden Files And Directories
We’ll use an online tool called URL Fuzzer. Pentest-tools.com provides this service.
Go to URL Fuzzer from Pentest Tools. Put your website address in the Base URL box. Follow the picture below.
You can search for directories or Files. If you select directories, all directories in your web server will be shown in the results. Or you can look for files by determining their extension i.e .php, .html.
After selecting your desired option click on the Start button. You’ll taken to a security check.
Click on the Start Scan button. Scan will take few minutes. After it’s finished you’ll get the result. You have now found hidden directories in your web server.
This is how your directory list will look like. You can save the results as a PDF file.
This tool uses a custom built word-list for discovering hidden files and directories. They also show their HTTP response code. Using this tool you can get to know your website better and secure your files and directories from hackers or malicious attacks.
Don’t forget to share with us if you use any other tools to find hidden files and directories on web servers. Also don’t forget to share it with your friends.