Sitemap.xml documentation

D4rkhunt3r · April 11, 2019, 3:46am

What is the use of sitemap.xml in a website? Can it be used for information gathering or for something else?

lolt3under · April 11, 2019, 3:49am

@D4rkhunt3r There are usually many pages on a website you do not want Black hat hackers to know about . Yes it is a good practice to remove sitemap.xml from your website .

D4rkhunt3r · April 11, 2019, 8:59am

I think that this is not the correct and to the point answer to my question. Thank you for showing interest. Can you explain this more briefly or in other words to the point answer? What are its functiona and what do they tell us?

S0B0 · April 11, 2019, 11:15am

as far as I know an XML sitemap lists a website’s relevant/important pages so that google can crawl them for indexation. It also helps when you want your audience to get quick access to your latest posts on the site.
More info here : https://yoast.com/what-is-an-xml-sitemap-and-why-should-you-have-one/
https://www.techopedia.com/definition/5393/site-map

D4rkhunt3r · April 11, 2019, 1:47pm

@S0B0 can it be used for hacking purposes or for finding a directory ?

S0B0 · April 11, 2019, 2:15pm

I don’t think so. The sitemap.xml file contains the things you see on that site like “home” “contact” “about” etc. Nothing hidden as far as I know. (I could be wrong)

MoNsTeR · April 11, 2019, 7:28pm

@D4rkhunt3r
Many WebApp analyst tools use it for basis of crawling a site. One off the top of my head OWASP-ZAP tool uses it.

lolt3under · April 12, 2019, 7:54am

@MoNsTeR yes Burp scanner also seems to be using it.