We covered discovering and enumerating hidden content on any website. This room was part of TryHackMe Junior Penetration tester pathway.

Firstly, we should ask, in the context of web application security, what is content? Content can be many things, a file, video, picture, backup, a website feature. When we talk about content discovery, we’re not talking about the obvious things we can see on a website; it’s the things that aren’t immediately presented to us and that weren’t always intended for public access.

This content could be, for example, pages or portals intended for staff usage, older versions of the website, backup files, configuration files, administration panels, etc.

There are three main ways of discovering content on a website which we’ll cover. Manually, Automated and OSINT (Open-Source Intelligence).

Get OSCP Certificate Notes

Room Answers

What is the directory in the robots.txt that isn’t allowed to be viewed by web crawlers?

What framework did the favicon belong to?
What is the path of the secret area that can be found in the sitemap.xml file?
What is the flag value from the X-FLAG header?
What is the flag from the framework’s administration portal?
What Google dork operator can be used to only show results from a particular site?
What online tool can be used to identify what technologies a website is running?
What is the website address for the Wayback Machine?
What is Git?
What URL format do Amazon S3 buckets end in?
What is the name of the directory beginning “/mo….” that was discovered?

What is the name of the log file that was discovered?

Video Walk-through



About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles