Initial Recon

image.png

Ref 1: Results of netdiscover command to detect all machines on the network

image.png

Ref 2: nmap scan with -T4 for the preferred scan speed, -p- to scan all ports, -A for aggressive detection, including version numbers and operating system information, followed by the target address

Enumerating HTTP

image.png

Ref 1: Target default site has been accessed (poor hygiene)

We snooped around and clicked the “documentation” hyperlink, which was not found. Instead of a generic 404 Not Found page, though, the response gave us a valuable piece of information:

image.png

Ref 2: Information disclosure // Server and version (Apache/1.3.20)
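A check a defender can run over captured responses to confirm whether a server still exposes its version the way the 404 page above does. This is an added example, not part of the original write-up; the sample responses, the host name `target.example` and the function name are constructed for illustration.

```python
import re

# Product/version token such as "Apache/1.3.20".
VERSION_TOKEN = re.compile(r"\b([A-Za-z][\w.-]*)/(\d+(?:\.\d+)+[\w.-]*)")
# Footer Apache appends to generated error pages when ServerSignature is on.
SIGNATURE = re.compile(r"<address>(.*?)</address>", re.I | re.S)

# Constructed sample: error response that discloses the version twice.
LEAKY = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: Apache/1.3.20 (Unix)\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<H1>Not Found</H1>\n<HR>\n"
    "<ADDRESS>Apache/1.3.20 Server at target.example Port 80</ADDRESS>\n"
)
# Constructed sample: same request after hardening
# (Apache directives: ServerTokens Prod, ServerSignature Off).
HARDENED = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<h1>Page not found</h1>\n"
)


def find_version_leaks(raw_response: str) -> list[tuple[str, str, str]]:
    """Return (location, product, version) for each version string exposed."""
    head, _, body = raw_response.partition("\r\n\r\n")
    leaks = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() in ("server", "x-powered-by"):
            for product, version in VERSION_TOKEN.findall(value):
                leaks.append((f"header:{name.strip()}", product, version))
    # The error-page footer is controlled separately from the Server header.
    for footer in SIGNATURE.findall(body):
        for product, version in VERSION_TOKEN.findall(footer):
            leaks.append(("error-page footer", product, version))
    return leaks


if __name__ == "__main__":
    for label, sample in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(label, find_version_leaks(sample) or "no version disclosed")
```

The header and the footer are reported separately because they are set by different directives, so fixing one can leave the other in place.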

image.png

Ref 3: We then ran nikto, a website vulnerability scanner, against the host and got a lot of valuable information from the results

image.png