The assessment is a grey box test (target IP and no additional info) of a web application. The HTB Academy page even shows an image of the web app's login portal.
As this challenge falls into a SQL injection module, scanning via nmap won't be a priority to start. The module uses all manual techniques for injections (no SQLMap). Automated exploitation tools are great and should absolutely be used where necessary. This writeup will attempt to exploit the application using manual techniques along with Burp Suite Community Edition.
Browsing to the provided location of the app shows a login page.
Sometimes Wappalyzer provides information about backend technologies. For instance, once a user logs in, Wappalyzer may be able to pull additional information about the programming language driving the app.
feroxbuster -u http://83.136.251.xx:50260 -s 200 403 -x php html -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -o med_ferox.txt
Feroxbuster is nice because it is written in Rust, which makes it wickedly fast; it also has great documentation and can recursively search directories. It is possible to set a default wordlist for feroxbuster instead of using the -w flag.