mirror of
https://github.com/autistic-symposium/sec-pentesting-toolkit.git
synced 2025-05-02 06:46:07 -04:00
reorganizing
This commit is contained in:
Mari Wahl
parent
2afd831662
commit
bdcecd360b
5 changed files with 352 additions and 3 deletions
|
|
@ -21,3 +21,41 @@
|
|||
## User ID
|
||||
- cookie auth
|
||||
- user id
|
||||
|
||||
## Other Resources
|
||||
|
||||
#### When we have a Website/IP Address:
|
||||
|
||||
- Try to add folders to the domain, such as http://csaw2014.website.com or http://key.website.com.
|
||||
|
||||
- We brute force the subdomains, for example, with [subbrute.py]. This tool performs multi-threaded DNS lookups to a configurable list of DNS resolvers, searching through a list of possible subdomains.
|
||||
|
||||
- Use the command ```dig``` or ```ping``` in Linux to find the IP address of the website.
|
||||
|
||||
- *wgetting* the entire website with something like ```wget -e robots=off --tries=40 -r -H -l 4 <WEBSITE>```.
|
||||
|
||||
- Check the *robot.txt* file for hidden folders.
|
||||
|
||||
- Inspect the DOM using the browser's developer tools to look for HTML comments (plain view-source won't work when the content is loaded through Ajax).
|
||||
|
||||
|
||||
|
||||
|
||||
#### Tools
|
||||
|
||||
- [Burp Suite]
|
||||
- [FireBug] in Firefox
|
||||
|
||||
|
||||
-----------------
|
||||
[FireBug]: http://getfirebug.com/
|
||||
[Burp Suite]: http://portswigger.net/burp/
|
||||
[pngcheck]: http://www.libpng.org/pub/png/apps/pngcheck.html
|
||||
[karmadecay]: http://karmadecay.com/
|
||||
[tineye]: https://www.tineye.com/
|
||||
[images.google.com]: https://images.google.com/?gws_rd=ssl
|
||||
[base64 decoding]: http://www.motobit.com/util/base64-decoder-encoder.asp
|
||||
[subbrute.py]: https://github.com/SparkleHearts/subbrute
|
||||
[pnginfo]: http://www.stillhq.com/pngtools/
|
||||
[namechk]: http://namechk.com
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue