Recon ASRC Conference
Posted 17bdw
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Recon ASRC Conference相关的知识,希望对你有一定的参考价值。
场景
ASRC漏洞挖掘
方法论
1、Brands
Footers & about us: https://www.alibaba.com/
- ASNs
http://viewdns.info/reversewhois/
Search unique identifier:
Name
Registered Email
- Search Engine Dorks
Google、bing、baidu、DuckDuckGO
GHDB: https://www.exploit-db.com/google-hacking-database/
- Search Engines for Servers
shodan
censys
zoomeye
2、Subdomain
- Subdomain Discovery
Subfinder
Amass
Aquatone
- Subdomain Bruteforcing
subbrute
massdns
subfinder
All.txt - JHaddix
- Fingerprinting
Wappalyzer
Builtwith
Vulners
WPScan
droopescan
3、Mapping
Directory brute forcing:
GoBuster
Burp Discover Content
Search engine dorks
4、Hack
5、Recon again!
以上是关于Recon ASRC Conference的主要内容,如果未能解决你的问题,请参考以下文章