696 B
696 B
Recon
Domeni
- crt.sh
- google site:example.org -site:www.example.org -site:...
- sublis3r program sublist3er.py -d example.org
- resolve to ip (for i in $(cat subdomens.txt) ; do host $i ; done
- whois domen,ip,as
Port scan
- nmap example.org
- nmap -sV example.org
- whatweb program
Vulenarbilites
- CVE details website
- nmap --script vulners -sV example.org
- sucuri website
- imuniweb
- wapiti
- xssstrike
- PwnXSS
Firewall detection
- firewalk
Automation
- recon should be automated to periodically scan targets
- nuclei program (scrippting language, daemon)
- owasp/amass program
Web
- dirbuster
- robots.txt
Anonimity
- tmap program
- Tor browser
- torsocks