Search the Community
Showing results for tags 'recon:'.
-
Recon The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my own recognition script with all the tools I use most in this step. All construction of this framework is based on the methodologies of @ofjaaah and @Jhaddix. These people were my biggest inspirations to start my career in Information Security and I recommend that you take a look at their content, you will learn a lot! Feature ASN Enumeration metabigor Subdomain Enumeration Assetfinder Subfinder Amass Findomain Sublist3r Knock SubDomainizer GitHub Sudomains RapidDNS Riddler SecurityTrails Alive Domains httprobe httpx WAF Detect wafw00f Domain organization Regular expressions Subdomain Takeover Subjack DNS Lookup Discovering IPs dnsx DNS Enumeration and Zone Transfer dnsrecon dnsenum Favicon Analysis favfreak Shodan Directory Fuzzing ffuf Google Hacking Some Dorks that I consider important CredStuff-Auxiliary Googler GitHub Dorks Jhaddix Dorks Credential Stuffing CredStuff-Auxiliary Screenshots EyeWitness Port Scan Masscan Nmap Naabu Link Discovery Endpoints Enumeration and Finding JS files Hakrawler Waybackurls Gospider ParamSpider Vulnerabilities Nuclei ➔ I used all the default templates 403 Forbidden Bypass Bypass-403 XSS XSStrike Gxss LFI Oneliners gf ffuf RCE My GrepVuln function Open Redirect My GrepVuln function SQLi Oneliners gf sqlmap [hide][Hidden Content]]