heeyaa fam
happy epiphany for those who are celebrating ππ
and btw here is the channel i created for file sharing purpose check it out : @Afr0Files
@AfroSec
happy epiphany for those who are celebrating ππ
and btw here is the channel i created for file sharing purpose check it out : @Afr0Files
@AfroSec
π3πΏ2
methodology that i used
@AfroSec
subfinder -d example.com -all -recursive > subdomain.txt
for subdomain
cat subdomain.txt | httpx-toolkit -ports 80,443,8080,8000,8888 -threads 200 > subdomains_alive.txt
live subdomain
katana -u subdomains_alive.txt -d 5 -ps -pss waybackarchive,commoncrawl,alienvault -kf -jc -fx -ef woff,css,png,svg,jpg,woff2,jpeg,gif,svg -o allurls.txt
to fetch passive urls
cat allurls.txt | grep -E '\.xls|\.xml|\.xlsx|\.json|\.pdf|\.sql|\.doc|\.docx|\.pptx|\.txt|\.zip|\.tar\.gz|\.tgz|\.bak|\.7z|\.rar|\.log|\.cache|\.secret|\.db|\.backup|\.yml|\.gz|\.config|\.csv|\.yaml|\.md|\.md5'
search for sensetive file
credit: lostsec.xyz@AfroSec
π4
simple and handy way to find original ip of a target website
u can also check this vid on u tube : [vid]
blog : [check this blog]
@AfroSec
1. censys search example.com | grep "ip" | egrep -v "description" | cut -d ":" -f2 | tr -d \"\, | tee ip.txt | httpx
2. uncover -q "example.com" -e censys,fofa,shodan,shodan-idb | httpx (preferable) u can also check this vid on u tube : [vid]
blog : [check this blog]
@AfroSec
π2
Learning and trying to find bugs is a great skill in the cybersecurity world, but it's also essential to understand how your target actually works before hacking it.
Take time to analyze the workflow firstβknow what the system does, how it interacts with users, and its purpose. This can give you better insights and help you find more impactful vulnerabilities.
This video might give you a clearer idea of how real-world Active Directory works : [AD ]
@AfroSec
Take time to analyze the workflow firstβknow what the system does, how it interacts with users, and its purpose. This can give you better insights and help you find more impactful vulnerabilities.
This video might give you a clearer idea of how real-world Active Directory works : [AD ]
@AfroSec
YouTube
How we use Active Directory at work | Real world | Best Practice and tips
#activedirectory #windowsserver2022 #itspecialists #itsupportservices
Hey guys! In this video, I'll be showing how Active Directory is used in the workplace. I'll also be showing the best practices and tips to efficiently use AD at work so if you're interestedβ¦
Hey guys! In this video, I'll be showing how Active Directory is used in the workplace. I'll also be showing the best practices and tips to efficiently use AD at work so if you're interestedβ¦
β€1