It is not uncommon to come across vulnerable applications or applications using authentication screens with default passwords.
For a first try, it is possible to use httpx and nuclei, two great projects from projectdiscovery, to sort out open HTTP/HTTPS services and perform a first vulnerability scan on them. Httpx and Nuclei will report a lot of information on the type of service/applications used and will do a first vulnerability scan.
