Search the Community

This python script allows to extract of various information from a Microsoft Remote Desktop Web Access (RDWA) application, such as the FQDN of the remote server, the internal AD domain name (from the FQDN), and the remote Windows Server version. [hide][Hidden Content]]

Recon The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my own recognition script with all the tools I use most in this step. All construction of this framework is based on the methodologies of @ofjaaah and @Jhaddix. These people were my biggest inspirations to start my career in Information Security and I recommend that you take a look at their content, you will learn a lot! Feature ASN Enumeration metabigor Subdomain Enumeration Assetfinder Subfinder Amass Findomain Sublist3r Knock SubDomainizer GitHub Sudomains RapidDNS Riddler SecurityTrails Alive Domains httprobe httpx WAF Detect wafw00f Domain organization Regular expressions Subdomain Takeover Subjack DNS Lookup Discovering IPs dnsx DNS Enumeration and Zone Transfer dnsrecon dnsenum Favicon Analysis favfreak Shodan Directory Fuzzing ffuf Google Hacking Some Dorks that I consider important CredStuff-Auxiliary Googler GitHub Dorks Jhaddix Dorks Credential Stuffing CredStuff-Auxiliary Screenshots EyeWitness Port Scan Masscan Nmap Naabu Link Discovery Endpoints Enumeration and Finding JS files Hakrawler Waybackurls Gospider ParamSpider Vulnerabilities Nuclei ➔ I used all the default templates 403 Forbidden Bypass Bypass-403 XSS XSStrike Gxss LFI Oneliners gf ffuf RCE My GrepVuln function Open Redirect My GrepVuln function SQLi Oneliners gf sqlmap [hide][Hidden Content]]