Recon is the Key Part-1

Hello Hackers!

My todays topic is all about enumeration. As reconnaissance is the most important step in hacking. So lets begin!

1. Whois lookup
This is the very basic step which we need to do for every domain which we want to test.

Things which we need to check are as follows:
1. Name servers
2. Check whether website is hosted on shared hosting or dedicated server.





2. DIG (Domain Information Groper) Command

The command dig is a tool for querying DNS nameservers for information about host addresses, mail exchanges, nameservers, and related information.


3. Dirsearch 
Dirsearch is a simple command line tool designed to brute force directories and files in websites.

Command:

python3 dirsearch.py -u 'http://evil.com/' -e php,asp,aspx,jsp,db,config,xls,ini,pdf,txt



4. Dirbuster
DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.






5.  lazys3
A Ruby script to bruteforce for AWS s3 buckets using different permutations.
Command:  ruby lazys3.rb <COMPANY>
Example: ruby lazys3.rb evil





6.  Linkfinder


LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in new testing ground, possibility containing new vulnerabilities.

python linkfinder.py -i http://www.evil.com/animate.js -o link.html





 

7.Check out the IP history






8. SSLScan


Scan the website for SSL bugs.

command: sslscan evil.com




9. Wapplyzer


Wappalyzer is a cross-platform utility that uncovers the technologies used on websites.









10. Builtwith

 Lets you find out what a website is built with by a simple click on the builtwith icon.




 

4 comments:

  1. Gclub Revealed New Year's News Follow the words of the teachers. Eat rice

    The love and ability of this young girl is a good obedience to the teachings of the mother. For New Year's Eve Your daughter, your love, your mother, your father, and your father, Songkran Teechanarong, and the latest service provider Gclub Online Casino Service Provider Asian celebrities also mentioned the news of the New Year's love with me. This is the new year to work with you. This is a cocktail party, with no sitting chairs. This is the New Year's intention to follow the teachings of the mother to not eat.

    By this site. gclub casino Also tell me that. The girls have posted an image with the message. "When the child confirms the words. I have to sit down ... But here's the cocktail. "

    This is your mother's side with sweat. How to dress up. I have to sit up. A chair and feed the daughter. It's all for you, the new year really, I see the love of the girl with her daughter love this is called the love is not normal it.

    ReplyDelete
  2. Nice Blog
    And Thank's To Ur Blog
    http://www.horizonss.co.in/customized-web-solutions/

    website development company|customized web solutions|website redesign| web development company in india

    #website development company
    #customized websolutions
    #website redesign
    #webdevelopment company in india
    #websitedevelopmentcompany
    #customizedwebsolutions
    #websiteredesign
    #webdevelopmentcompanyinindia
    #website #development #company
    #customized #websolutions
    #website #redesign
    #webdevelopment #company #in #india

    ReplyDelete

WIFI Hacking!

Hello Hackers! In this blog I am going to show you the basic things about WIFI hacking.   Special thanks to Akshay for   well writ...