!link! - Gobuster

Run Gobuster with a small wordlist first.

gobuster dir -u http://target.ctf/hidden-login -w /usr/share/wordlists/dirb/common.txt -x php,html Found login.php with default credentials → access granted. gobuster

gobuster dir -u http://target.ctf -w /usr/share/wordlists/dirb/common.txt -t 20 Run Gobuster with a small wordlist first

Always start with a small wordlist for speed, then expand if needed. gobuster

Run Gobuster on /hidden-login :

Output full enumeration for report:

/admin (Status: 301) /backup (Status: 200) /robots.txt(Status: 200) /secret (Status: 200) Check /robots.txt → found Disallow: /hidden-login

Copyright © 2026 Global Circle. All Rights Reserved.

Powered by WordPress and WordPress Theme created with Artisteer by N0AGI - Nagi Punyamurthula.