@slow
Feature: make sure our website doesn't expose sensitive directories

Scenario: Start with using dirb and check for default apache directories
  Given "dirb" is installed
  And the following profile:
     | name          | value                              |
     | hostname      | http://lascon.org                  |
     | wordlist      | /opt/wordlists/vulns/apache.txt  |
  When I launch a "dirb" attack with:
  """
  dirb <hostname> <wordlist>
  """
  Then the output should contain:
  """
  FOUND: 0
  """