From 8209d32bafaa679793e5249ad7ac8cfae8f33011 Mon Sep 17 00:00:00 2001
From: Swissky <swisskysec@protonmail.com>
Date: Mon, 23 Apr 2018 21:22:11 +0200
Subject: [PATCH] Abstract for methodology

---
 .../Methodology_and_enumeration.md            | 30 ++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/Methodology and Resources/Methodology_and_enumeration.md b/Methodology and Resources/Methodology_and_enumeration.md
index 7bd6942..9a3bdb2 100644
--- a/Methodology and Resources/Methodology_and_enumeration.md	
+++ b/Methodology and Resources/Methodology_and_enumeration.md	
@@ -1,6 +1,34 @@
 # Bug Hunting Methodology and Enumeration
 ![exploitation](https://img.shields.io/badge/WIP-70%25-green.svg)
 
+**Summary**
+1. [Enumerate all subdomains](#enumerate-all-subdomains-only-if-the-scope-is-domainext)
+ * Subbrute
+ * KnockPy
+ * GoogleDorks
+ * EyeWitness
+ * Sublist3r
+ * Aquatone
+2. [Passive Recon](#passive-recon)
+ * Shodan
+ * Wayback Machine
+ * The Harvester
+3. [Active Recon](#active-recon)
+ * Nmap
+ * Nmap Script
+ * RPCClient
+ * Enum4all
+4. [List all the subdirectories and files](#list-all-the-subdirectories-and-files)
+ * Gobuster
+ * Backup File Artifacts Checker
+5. [Web Vulnerabilities](#looking-for-web-vulnerabilities)
+ * Repository Github
+ * Burp
+ * Web Checklist
+ * Nikto
+ * Payment functionality
+
+
 ## Enumerate all subdomains (only if the scope is *.domain.ext)
 
 * Using Subbrute
@@ -310,7 +338,7 @@ then launch Burp with : java -jar burpsuite_free_v*.jar &
   e.g :
 
 Test card numbers and tokens  
-    
+
 | NUMBER           | BRAND          | TOKEN          |
 | :-------------   | :------------- | :------------- |
 | 4242424242424242 | Visa           | tok_visa       |