Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked Recon: perform a full recon on a target with the main tools to search for vulnerabilities


itsMe

Recommended Posts

This is the hidden content, please

Recon

The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my own recognition script with all the tools I use most in this step. All construction of this framework is based on the methodologies of @ofjaaah and @Jhaddix. These people were my biggest inspirations to start my career in Information Security and I recommend that you take a look at their content, you will learn a lot!

Feature

ASN Enumeration

    metabigor

Subdomain Enumeration

    Assetfinder
    Subfinder
    Amass
    Findomain
    Sublist3r
    Knock
    SubDomainizer
    GitHub Sudomains
    RapidDNS
    Riddler
    SecurityTrails

Alive Domains

    httprobe
    httpx

WAF Detect

    wafw00f

Domain organization

    Regular expressions

Subdomain Takeover

    Subjack

DNS Lookup
Discovering IPs

    dnsx

DNS Enumeration and Zone Transfer

    dnsrecon
    dnsenum

Favicon Analysis

    favfreak
    Shodan

Directory Fuzzing

    ffuf

Google Hacking

    Some Dorks that I consider important
    CredStuff-Auxiliary
    Googler

GitHub Dorks

    Jhaddix Dorks

Credential Stuffing

    CredStuff-Auxiliary

Screenshots

    EyeWitness

Port Scan

    Masscan
    Nmap
    Naabu

Link Discovery
Endpoints Enumeration and Finding JS files

    Hakrawler
    Waybackurls
    Gospider
    ParamSpider

Vulnerabilities

    Nuclei ➔ I used all the default templates

403 Forbidden Bypass

    Bypass-403

XSS

    XSStrike
    Gxss

LFI

    Oneliners
        gf
        ffuf

RCE

    My GrepVuln function

Open Redirect

    My GrepVuln function

SQLi

    Oneliners
        gf
        sqlmap

This is the hidden content, please

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.