From c1d65afac94fd43f79f4f6189fb273866219ceaa Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Thu, 26 Mar 2026 22:33:53 +0100 Subject: Add information gathering via hidden directory crawling solution --- Information gathering 2/Resources/notes.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 Information gathering 2/Resources/notes.md (limited to 'Information gathering 2/Resources/notes.md') diff --git a/Information gathering 2/Resources/notes.md b/Information gathering 2/Resources/notes.md new file mode 100644 index 0000000..1f8aad0 --- /dev/null +++ b/Information gathering 2/Resources/notes.md @@ -0,0 +1,16 @@ +## Exploit + +[https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/01-Information_Gathering/01-Conduct_Search_Engine_Discovery_Reconnaissance_for_Information_Leakage]() + +1. Explore public `robots.txt` + ```bash + ❯ curl http://10.0.2.15/robots.txt + User-agent: * + Disallow: /whatever + Disallow: /.hidden + ``` +1. Explore the links in `http://10.0.2.15/.hidden` with the `crawl.bash` script to find a flag + +## Fix + +Same as **Information gathering 1**: do not put sensitive data in `robots.txt` because this file is publicly available. -- cgit v1.2.3
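Review bot: The `## Fix` section at the end of `notes.md` stops at keeping sensitive data out of `robots.txt`, but step 2 finds the flag by following links under `/.hidden`, so that content is served to anyone who requests the path whether or not it is listed. Suggest adding that the directory should be moved out of the web root or placed behind authentication, and that `Disallow` is a hint to crawlers, not access control. Two smaller points: the OWASP reference under `## Exploit` has the URL as the link text with an empty `()` target, so it should be a bare autolink or have the URL moved into the parentheses; and step 2 depends on `crawl.bash`, which is not part of this commit (1 file changed), so either add it here or say where it lives.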