Hussein D Talk Series
Port scanning, deep port scanning
Subdomain recon of deeper domains like xxxx.admin.andela.com
http://bounty.offensiveai.com/
Facebook cert
crtys
ffuf to scan for WORD.admin.example.com
ffuf -u http://FUZZ.sub.domain.com -w wordlist
Suip.biz subdomain
Angry IP Scanner
Scan from this ip to this ip with this port
First crawl the website and look at all the requests; blind SQL injections
Dumper script, sqlmap (Atlas on GitHub)
Internet Marketing Ninja (crawler)
Fofa.so
Arjun or Param Miner. Change JSON to XML, tamper with it
Change GET request to POST
LFI, Links input, file input, image inputs
#!/bin/bash
cd Sublist3r && python sublist3r.py -d example.com
's/ substitute
\w* remove the first line
. remove the space
// nothing
$ at the end of the line
's/\[404].//'
Bash
Cut http and https from urls: sed 's/https\?:\/\///'
sed 's/https\?:\/\///' |tr -d "[,0-9]"
cat no404s.txt | sed 's/https\?:\/\///' |tr -d "[,0-9]" > cleanno404.txt
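Added example, not part of the original notes: the `tr -d "[,0-9]"` step above deletes every digit on the line, including digits inside host names and ports, so the cleaned list can point at the wrong hosts. The sketch below compares it with an anchored cleanup; the input format (URL followed by a bracketed status field), the sample lines and the function names `sample_input`, `page_clean` and `clean_hosts` are assumptions, and GNU sed is assumed.

```shell
#!/bin/bash
# Constructed sample input: URL followed by a bracketed status/size field.
# The format is an assumption; the notes do not show no404s.txt itself.
sample_input() {
  printf '%s\n' \
    'https://api2.example.com [200]' \
    'http://dev01.admin.example.com [301,1024]' \
    'https://www.example.com:8443 [403]'
}

# The pipeline from the notes: tr deletes every '[', ']', ',' and digit
# anywhere on the line, so digits in host names and ports are lost too.
page_clean() {
  sed 's/https\?:\/\///' | tr -d "[,0-9]"
}

# Anchored alternative: strip the scheme only at the start of the line and
# the bracketed field only at the end, leaving the host untouched.
clean_hosts() {
  sed -E -e 's#^https?://##' \
         -e 's/[[:space:]]*\[[0-9, ]*\][[:space:]]*$//'
}

echo '--- pipeline from the notes'
sample_input | page_clean
echo '--- anchored cleanup'
sample_input | clean_hosts
```

Diffing the two outputs against the original list is a quick check that no host name was altered before the list is fed to another tool.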
Look at javascript files always
phpinfo path
Apache default path
Active+++