Search the Community

Recon for bug bounty, penetration testers & ethical hackers. The full methodology of website reconnaissance and bug bounty. What you’ll learn Recon on websites Gathering subdomains Gathering URLs Gathering parameters Information gathering Collecting sensitive data from websites Deep recon on the website Requirements Basic knowledge of Linux is required Basic knowledge of vulnerabilities Description This course is entirely made for website reconnaissance for bug bounty hunters, penetration testers & ethical hackers. This is an intermediate-level course. All the topics are discussed here regarding recon on websites. Some of the topics are what is a survey, what is recon, recon for bug bounty hunters and penetration testers, Subdomain enumeration, URL enumeration, parameter brute-forcing, Creating your recon tools, and many more… This course is entirely focused on website recon and vulnerability assessment. There will be the whole methodology of website reconnaissance, bug bounty hunting, and penetration testing. The videos are divided into small sections for the students to learn. All the resources are provided in the resource section, including links, pdf, and payloads used in the course. Course Curriculum : Introduction Introduction to recon Subdomain enumeration from tools Subdomain enumeration #1 Subdomain enumeration #2 Subdomain enumeration #3 Subdomain enumeration #4 Subdomain bruteforcing Filtering unique domains Subdomain generator Subdomain enumeration from websites Subdomain enumeration from website #1 Subdomain enumeration from website #2 Subdomain enumeration from website #3 Subdomain enumeration from website #4 Filtering live domains Filtering live domains URL extraction from the internet URL extraction from the internet #1 URL extraction from the internet #2 Finding parameters Finding parameters Parameter bruteforcer Finding URLs from past URL from past Sorting urls Sorting URLs for vulnerabilities Automation for replacing parameters with Payloads Automation for replacing parameters with Payloads Footprinting websites ( Website recon ) What web recon Netcraft Security headers Dnsdumpmaster Whois recon Mxtoolbox OSINT Maltego Browser add-ons for recon analyzer retire.js shodan Knoxx Hack-tools addon WAF identification WAF identification Subdomain takeover HostileSubBruteForcer Sub404 Subject Fuzzing (Content-Discovery) dir ffuf Port scanning Introduction to Nmap Port specification in nmap Service and version detection from nmap Firewall bypass technique Fast port scanning Nabu mass can Visual recon Gowitness Google Dorking Introduction to google Dorking Understanding the URL structure Syntax of google Dorking Google Dorking operators Google search operators ( Part – 1 ) Google search operators ( Part – 2 ) Google Dorking practical Introduction to practical google Dorking How to find directory listing vulnerabilities? How to dork for WordPress plugins and themes? How to work for web server versions? How to dork for application-generated system reports? Dorking for SQLi Reading materials for google Dorking Tips for advanced google Dorking Tip #1 Tip #2 Tip #3 Shodan Dorking Intro to shodan Dorking Shodan web interface Shodan search filters Shodan Dorking practical Finding server Finding files and directories Finding operating systems Finding compromised devices and websites Shodan command line Introduction to the shodan command line Practical shodan in command line Github Dorking Introduction to GitHub Dorking Github Dorking practical Vulnerability scanning Nuclei Wp-Scan Scanning with burp suite Metasploit for recon DNS recon using Metasploit Sub-domain enumeration using Metasploit E-mail address finding Port scanning using Metasploit TCP SYN port scan using Metasploit SSH version detection FTP version enumeration MySQL version detection HTTP enumeration Payloads for bug bounty hunters Payloads for bug hunters and penetration testers How to create tools for recon? SSRF finder tool XSS finding too URL extractor from javascript files Full website recon tool Bonus Bonus video Thank you 🙂 Vivek Pandit Who this course is for: Bug bounty hunters, penetration testers, ethical hackers, etc. [Hidden Content] [hide][Hidden Content]]

Features Easy to use dashboard with settings, statistics, payloads, view/share/search reports Unlimited users with permissions to personal payloads & their reports Instant alerts via mail, Telegram, Slack, Discord or custom callback URL Custom javascript payloads Custom payload links to distinguish insert points Extract additional pages, block, whitelist and other filters Secure your login with Two-factor (2FA) The following information can be collected on a vulnerable page: The URL of the page IP Address Any page referer (or share referer) The User-Agent All Non-HTTP-Only Cookies All Locale Storage All Session Storage Full HTML DOM source of the page Page origin Time of execution Payload URL Screenshot of the page Extract additional defined pages much much more, and, its just ez 🙂 Required Server or hosting with PHP 7.1 or up Domain name (consider a short one) SSL Certificate to test on https websites (consider Cloudflare or Let's Encrypt for a free SSL) ezXSS v4.0 Latest I am excited to announce the release of ezXSS v4.0, a major update to the XSS tool. This version includes at least the following new features and improvements: Completely re-coded, resulting in clean, readable code that is easy to understand and maintain Multi-user setup that allows for roles and payload separation Alerts via Slack and Discord in addition to existing support for email and Telegram Redesigned pages and fixed styling bugs More statistics on the dashboards Improved reports view and search Ability to render collected DOM pages Lots of smaller bug fixes and much much more amazing things! It is highly recommended to update to ezXSS v4.0, as version 3.x will no longer be supported due to its old codebase. If you are currently running an older version of ezXSS, please make sure to first update to version >3.10 before upgrading to v4.0. Also, after updating, the default username will be "admin". Thank you for your continued support and I hope you enjoy using the new and improved ezXSS v4.0! [hide][Hidden Content]]