daffainfo
/
PayloadsAllTheThings
mirror of https://github.com/daffainfo/PayloadsAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Abstract for methodology

patch-1
Swissky 2018-04-23 21:22:11 +02:00
parent 54661cbd70
commit 8209d32baf
1 changed files with 29 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
Methodology and Resources/Methodology_and_enumeration.md
View File

@ -1,6 +1,34 @@
# Bug Hunting Methodology and Enumeration # Bug Hunting Methodology and Enumeration
![exploitation](https://img.shields.io/badge/WIP-70%25-green.svg) ![exploitation](https://img.shields.io/badge/WIP-70%25-green.svg)
**Summary**
1. [Enumerate all subdomains](#enumerate-all-subdomains-only-if-the-scope-is-domainext)
* Subbrute
* KnockPy
* GoogleDorks
* EyeWitness
* Sublist3r
* Aquatone
2. [Passive Recon](#passive-recon)
* Shodan
* Wayback Machine
* The Harvester
3. [Active Recon](#active-recon)
* Nmap
* Nmap Script
* RPCClient
* Enum4all
4. [List all the subdirectories and files](#list-all-the-subdirectories-and-files)
* Gobuster
* Backup File Artifacts Checker
5. [Web Vulnerabilities](#looking-for-web-vulnerabilities)
* Repository Github
* Burp
* Web Checklist
* Nikto
* Payment functionality
## Enumerate all subdomains (only if the scope is *.domain.ext) ## Enumerate all subdomains (only if the scope is *.domain.ext)
* Using Subbrute * Using Subbrute