Hussein D Talk Series

Port scanning, deep port scanning

Subdomain recon of deeper domains like xxxx.admin.andela.com

http://bounty.offensiveai.com/

Facebook cert

crtys

ffuf to scan for WORD.admin.example.com

ffuf -u http://FUZZ.sub.domain.com -w wordlist

Suip.biz subdomain

Angry ip scanner

Scan from this ip to this ip with this port

First crawl the website and look at all the requests; blind SQL injections

Dumper script, sqlmap (Atlas, GitHub)

Internet Marketing Ninja (crawler)

Fofa.so

Arjun or Param Miner

Change JSON to XML, tamper with it

Change get request to POST,

LFI, Links input, file input, image inputs

#!/bin/bash

cd Sublist3r && python sublist3r.py -d example.com

's/ substitute

\w* remove the first line

. Remove the space

// nothing

$ at the end of the line

's/\[404].//'

Bash

Cut http and https from urls sed 's/https\?:\/\///'

sed 's/https\?:\/\///' |tr -d "[,0-9]"

cat no404s.txt | sed 's/https\?:\/\///' |tr -d "[,0-9]" > cleanno404.txt
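Added example, not part of the original notes: the tr -d "[,0-9]" step above deletes every digit, so a host such as api2.example.com comes out as api.example.com. The sketch below anchors the cleanup to the trailing status list instead. The input format (URL, a space, then a bracketed status list) and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample input. Assumed format: URL, space, bracketed status list.
sample_input() {
cat <<'EOF'
https://api2.example.com [200]
http://admin.example.com [301,200]
https://old.example.com [404]
https://s3-eu1.example.com [403]
https://api2.example.com [200]
EOF
}

# The pipeline from the notes: strips the scheme, then deletes every
# '[', ']', ',' and digit anywhere on the line, including inside hostnames.
page_clean() {
    sed 's/https\?:\/\///' | tr -d "[,0-9]"
}

# Anchored variant (hypothetical helper):
#   1. drop lines whose status list is exactly [404]
#   2. strip a leading http:// or https://
#   3. remove only the trailing " [codes]" annotation
#   4. de-duplicate
clean_hosts() {
    grep -v ' \[404\]$' \
      | sed -E -e 's#^https?://##' -e 's/ \[[0-9,]+\]$//' \
      | sort -u
}

echo "--- pipeline from the notes (digits lost, trailing space left):"
sample_input | page_clean
echo "--- anchored variant:"
sample_input | clean_hosts
```

Diffing the two outputs against the original list shows which hostnames the digit-stripping pass would have silently changed.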

Always look at JavaScript files

phpinfo path

Apache default path

Active+++
