Bug Bounty pinned «INFORMATION GATHERING | PENETRATION TESTING Web Reconnaissance Or Information Gathering — Part 2 ( Whois Lookup, tools, site) SSL Certificate Parsing SSL Certificate Parsing is another way to find different domain names related to the target. But before…»
INFORMATION GATHERING | PENETRATION TESTING
Directory Brute Forcing – Web Reconnaissance Or Information Gathering – Part 3
Directory Brute-Forcing : Directory Brute-Forcing is a technique of finding hidden directories which are available on the web server. There are many cases in which hackers find directories which contains very sensitive information like admin panels, password files, outdated functionalities , database copies etc.
Main 2 Type of Tool To Find Hidden Directory :
Dirbuster and Gobuster
Dirb :
Dirbuster is another gui based tool , simply enter dirbuster in terminal and hit enter then after that enter the url and select the path of wordlist as shown in fig or you can your own also if you want, but in this you should compulsory give the file extension, so here I have given .php. Then after that just click on attack and side by side check your terminal you’ll get the name of files and directories whatever this tool has found.
Gobuster :
Gobuster is another tool which can be used to find the same.
Check out My Full Article :
https://jewkoiyie.com/directory-brute-forcing-web-reconnaissance-or-information-gathering-part-3/
Directory Brute Forcing – Web Reconnaissance Or Information Gathering – Part 3
Directory Brute-Forcing : Directory Brute-Forcing is a technique of finding hidden directories which are available on the web server. There are many cases in which hackers find directories which contains very sensitive information like admin panels, password files, outdated functionalities , database copies etc.
Main 2 Type of Tool To Find Hidden Directory :
Dirbuster and Gobuster
Dirb :
Dirbuster is another gui based tool , simply enter dirbuster in terminal and hit enter then after that enter the url and select the path of wordlist as shown in fig or you can your own also if you want, but in this you should compulsory give the file extension, so here I have given .php. Then after that just click on attack and side by side check your terminal you’ll get the name of files and directories whatever this tool has found.
Gobuster :
Gobuster is another tool which can be used to find the same.
Check out My Full Article :
https://jewkoiyie.com/directory-brute-forcing-web-reconnaissance-or-information-gathering-part-3/
❤2
INFORMATION GATHERING | PENETRATION TESTING
Website’s Directory Crawling Using Spider – Web Reconnaissance
Spidering the site :
Spidering is another way of finding the directories and the paths through web spidering or web crawling.
Web Crawling or Spidering: It is a process used to identify all pages on a site. This process is done with the help of a web spider tool, in this, we’ll use Burp Spider version 1.7.36 or OWASP Zap.
Check out the Full Article on Spider Tool :
https://jewkoiyie.com/websites-directory-crawling-using-spider-web-reconnaissance-part-4/
Website’s Directory Crawling Using Spider – Web Reconnaissance
Spidering the site :
Spidering is another way of finding the directories and the paths through web spidering or web crawling.
Web Crawling or Spidering: It is a process used to identify all pages on a site. This process is done with the help of a web spider tool, in this, we’ll use Burp Spider version 1.7.36 or OWASP Zap.
Check out the Full Article on Spider Tool :
https://jewkoiyie.com/websites-directory-crawling-using-spider-web-reconnaissance-part-4/
This Cheatsheet provides various tips for using Netcat for both Linux and Unix 🔥🌿🌿🌱☘️🌼🍀
All Syntex is designed for the original netcat
Here is Netcat 🌿Cheatsheet 🔥
All Syntex is designed for the original netcat
Here is Netcat 🌿Cheatsheet 🔥
Google warns that Russian and Belarusian hackers are targeting Ukraine and European allies through phishing attacks.
Read details: https://thehackernews.com/2022/03/google-russian-hackers-target.html
Read details: https://thehackernews.com/2022/03/google-russian-hackers-target.html
👍1
A new browser extension allows users to automatically check whether or not the WhatsApp Web code on their browser has been altered or tampered with, providing an extra layer of security for millions of desktop users.
Details: https://thehackernews.com/2022/03/heres-how-to-find-if-whatsapp-web-code.html
Details: https://thehackernews.com/2022/03/heres-how-to-find-if-whatsapp-web-code.html
Multiple vulnerabilities, including command injection, have been discovered in popular Software Package Managers—such as Composer, Bundler, Poetry, Yarn, pnpm, Pip, and Pipenv, some of which have not yet fixed the reported issues.
Read: https://thehackernews.com/2022/03/multiple-security-flaws-discovered-in.html
Read: https://thehackernews.com/2022/03/multiple-security-flaws-discovered-in.html
Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion.
Read: https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html
Read: https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html
A newly discovered vulnerability (CVE-2022-25636) in the Netfilter #firewall module of Linux kernel could be exploited to gain root privileges on vulnerable systems, escape containers or cause a kernel panic.
Details: https://thehackernews.com/2022/03/new-linux-bug-in-netfilter-firewall.html
Details: https://thehackernews.com/2022/03/new-linux-bug-in-netfilter-firewall.html
If you use Git on a daily basis,
This cheat sheet is very useful!🔥
#github #developers #git #infosec #cybersecurity
This cheat sheet is very useful!🔥
#github #developers #git #infosec #cybersecurity
👍1
Happy Holi 🔥
To all cyber security researchers,bug hunters, web developers and all in IT's etc. from my side
🌾🌿🌱☘️🍀
Hope all your life fullfill with colours and happiness 😊
#HappyHoli #Holi2022 #infosec #bughunters #CyberSecurtiy
To all cyber security researchers,bug hunters, web developers and all in IT's etc. from my side
🌾🌿🌱☘️🍀
Hope all your life fullfill with colours and happiness 😊
#HappyHoli #Holi2022 #infosec #bughunters #CyberSecurtiy