mirror of
https://github.com/autistic-symposium/sec-pentesting-toolkit.git
synced 2025-05-01 22:36:05 -04:00
43 lines
1.2 KiB
Markdown
43 lines
1.2 KiB
Markdown
# Recon
|
|
|
|
|
|
### Searching the Internets
|
|
|
|
The recon problems usually give you someone/something's name and a task or a hint to find some specific information about it. So the first thing is of course google it.
|
|
|
|
Google anything using keywords such as ```filetype:cgi inurl:cgi-bin```
|
|
|
|
|
|
### In addition we can look at:
|
|
|
|
- Facebook, Twitter, Linkedin, Google+, reddit, /r/netsec.
|
|
- IRC: with **/whois **.
|
|
- [namechk]
|
|
- Github: check in the commit history.
|
|
|
|
|
|
### Finding pictures:
|
|
|
|
- [karmadecay]
|
|
- [tineye]
|
|
- [images.google.com]
|
|
|
|
### Advanced Recon
|
|
|
|
- [redbot.org](https://redbot.org/)
|
|
- [shodan.io](https://www.shodan.io/)
|
|
- [censys.io](https://censys.io/)
|
|
|
|
-----------------
|
|
[FireBug]: http://getfirebug.com/
|
|
[Burp Suite]: http://portswigger.net/burp/
|
|
[pngcheck]: http://www.libpng.org/pub/png/apps/pngcheck.html
|
|
[karmadecay]: http://karmadecay.com/
|
|
[tineye]: https://www.tineye.com/
|
|
[images.google.com]: https://images.google.com/?gws_rd=ssl
|
|
[base64 decoding]: http://www.motobit.com/util/base64-decoder-encoder.asp
|
|
[subbrute.py]: https://github.com/SparkleHearts/subbrute
|
|
[pnginfo]: http://www.stillhq.com/pngtools/
|
|
[namechk]: http://namechk.com
|
|
[md5 decryption]: https://www.md5online.org/
|
|
|