Passive recon
-------------

1.waybackMachine-master -> python waybackMachine.py target.com
2.fierce -> fierce --domain target.com
3.dig -> dig target.com ns
4.theHarvester -> theHarvester -d target.com -b google [many more sources besides google; check theHarvester -h]
5.osrframework -> [ domainfy.py ; domainfy.py --whois -n targetname ; mailfy.py -n targetname ; searchfy.py -q targetname ; usufy.py -n targetname ; etc]
6.whois -> whois target.com
7.DNSenum -> dnsenum target.com
8.dnsdumpster -> dnsdumpster.com
9.Reverse IP -> yougetsignal.com

Active recon
------------

1.NMap -> nmap --script dns-brute --script-args dns-brute.domain=target.com
2.NMap -> nmap -sV -p 80 --script http-enum target-ip
3.subbrute -> ./subbrute.py [Time taken]
4.WhatWeb -> WhatWeb target.com

Google Dorks
------------

1.sql error -> "SQL Server Drive][SQL Server]Line 1:Incorrect syntax near" site:target.com
2.filetype -> site:target.com filetype:pdf
3.word -> intitle:admin or inurl:admin site:target.com
4.extension -> ext:pdf site:target.com
5.particular word in path -> inurl:/download site:target.com
6.intitle -> intitle:"user login" site:target.com
7.backup.sql -> backup.sql intext:"SELECT" ext:sql site:target.com
8.signature -> intext:"target signature" site:com/net/in/co.in/etc
9.index of -> intitle:"index of" pdf remote code execution

Recon-Ng
--------

-> modules load recon/domains-hosts/hackertarget
-> options set SOURCE target.com
-> run

from bing search
----------------

-> modules load bing_domain_web
-> options set SOURCE target.com
-> run
-> show hosts

Fingerprinting web app framework
--------------------------------

-> whatweb -v target.com
-> Response headers from the web server, seen in the browser's network panel or in Burp, reveal the server software and framework.
-> Comments in the HTML page also reveal the framework.
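
The header and HTML-comment checks above, as an added example that is not part of the original notes: a small parser that takes a raw HTTP response and lists the disclosures a framework fingerprint is built from (Server / X-Powered-By headers, platform session cookies, a meta generator tag, and HTML comments), which is the same list a site owner should audit in their own responses. The sample response, header set and cookie table are constructed for illustration.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample response (not captured from any real host) with typical disclosures.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Set-Cookie: PHPSESSID=abc123; path=/\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "\r\n"
    "<!DOCTYPE html><html><head>\n"
    '<meta name="generator" content="WordPress 5.4">\n'
    "<!-- theme: twentytwenty, built 2020-03-01 -->\n"
    "</head><body><p>Hello</p>\n"
    "<!-- TODO: remove /old-admin before go-live -->\n"
    "</body></html>\n"
)

# Header names that commonly disclose the server or application stack (assumed list).
DISCLOSING_HEADERS = {"server", "x-powered-by", "x-aspnet-version", "x-generator"}
# Session cookie names that identify a platform (assumed list).
COOKIE_HINTS = {"phpsessid": "PHP", "jsessionid": "Java servlet container",
                "asp.net_sessionid": "ASP.NET", "csrftoken": "Django"}

def split_response(raw: str) -> Tuple[Dict[str, List[str]], str]:
    """Split a raw HTTP/1.1 response into {header: [values]} and body; repeated headers survive."""
    head, _, body = raw.partition("\r\n\r\n")
    headers: Dict[str, List[str]] = {}
    for line in head.split("\r\n")[1:]:          # [0] is the status line
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers, body

def fingerprint(raw: str) -> Dict[str, List[str]]:
    """Return header, cookie, meta-generator and HTML-comment disclosures."""
    headers, body = split_response(raw)
    out: Dict[str, List[str]] = {"headers": [], "cookies": [],
                                 "generator": [], "comments": []}
    for name in sorted(headers.keys() & DISCLOSING_HEADERS):
        out["headers"] += [f"{name}: {v}" for v in headers[name]]
    for cookie in headers.get("set-cookie", []):
        cname = cookie.split("=", 1)[0].strip().lower()   # name before '='
        if cname in COOKIE_HINTS:
            out["cookies"].append(f"{cname} -> {COOKIE_HINTS[cname]}")
    out["generator"] = re.findall(
        r'<meta\s+name="generator"\s+content="([^"]*)"', body, re.I)
    out["comments"] = [c.strip() for c in re.findall(r"<!--(.*?)-->", body, re.S)]
    return out
```

Run `fingerprint(SAMPLE_RESPONSE)` to see the four lists; an empty result on a production host means none of these leaks are present.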

Identifying HTTP methods using Nmap
-----------------------------------

-> nmap --script http-methods -p80,443,8080 target.com

Directory Brute force
---------------------

-> dirb https://target.com
-> https://securitytrails.com/

URLS
----

https://pentester.land/list-of-bug-bounty-writeups.html

encoder
-------
https://www.w3schools.com/tags/ref_urlencode.ASP
