Tag: Exploration
-
Pentesting Recon: Navigating Footprints
Tool Name URL Description Nmap https://nmap.org/ Network scanning and host discovery tool. Recon-ng https://github.com/lanmaster53/recon-ng Full-featured reconnaissance framework. Shodan https://www.shodan.io/ Search engine for internet-connected devices. TheHarvester https://github.com/laramies/theHarvester Email and subdomain harvesting tool. Maltego https://www.maltego.com/ Interactive data mining and link analysis tool. SpiderFoot https://www.spiderfoot.net/ Open-source footprinting tool. OSINT Framework https://osintframework.com/ Collection of various OSINT tools. EyeWitness https://github.com/FortyNorthSecurity/EyeWitness…
-
Certificate Discovery: Subdomain Enumeration
In the ever-expanding landscape of cybersecurity, subdomain enumeration remains a pivotal aspect of reconnaissance. Traditional methods often involve brute-force or dictionary attacks, but a more sophisticated approach involves querying certificate transparency logs provided by services like crt.sh and Censys.io. In this article, we’ll explore the rationale behind using certificate records for subdomain enumeration, understand the…