nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN "/home/kali/htb/soccer/results/scans/_quick_tcp_nmap.txt" -oX "/home/kali/htb/soccer/results/scans/xml/_quick_tcp_nmap.xml" 10.10.11.194

nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN "/home/kali/htb/soccer/results/scans/_full_tcp_nmap.txt" -oX "/home/kali/htb/soccer/results/scans/xml/_full_tcp_nmap.xml" 10.10.11.194

nmap -vv --reason -Pn -T4 -sV -p 22 --script="banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods" -oN "/home/kali/htb/soccer/results/scans/tcp22/tcp_22_ssh_nmap.txt" -oX "/home/kali/htb/soccer/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml" 10.10.11.194

feroxbuster -u http://10.10.11.194:80/ -t 50 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -q -e -o "/home/kali/htb/soccer/results/scans/tcp80/tcp_80_http_feroxbuster_directory-list-2.3-medium.txt"

curl -sSikf http://10.10.11.194:80/.well-known/security.txt

curl -sSikf http://10.10.11.194:80/robots.txt

curl -sSik http://10.10.11.194:80/

nmap -vv --reason -Pn -T4 -sV -p 80 --script="banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN "/home/kali/htb/soccer/results/scans/tcp80/tcp_80_http_nmap.txt" -oX "/home/kali/htb/soccer/results/scans/tcp80/xml/tcp_80_http_nmap.xml" 10.10.11.194

curl -sk -o /dev/null -H "Host: TftyUjcxjULDwbGIAAgk.soccer.htb" http://soccer.htb:80/ -w "%{size_download}"

whatweb --color=never --no-errors -a 3 -v http://10.10.11.194:80 2>&1

wkhtmltoimage --format png http://10.10.11.194:80/ /home/kali/htb/soccer/results/scans/tcp80/tcp_80_http_screenshot.png

ffuf -u http://soccer.htb:80/ -t 10 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -H "Host: FUZZ.soccer.htb" -fs 178 -noninteractive -s | tee "/home/kali/htb/soccer/results/scans/tcp80/tcp_80_http_soccer.htb_vhosts_subdomains-top1million-110000.txt"