Discover and read the best of Twitter Threads about #AttackSurfaceManagement

Most recents (2)

Profile picture
ReconOne
@ReconOne_bk
6 easy steps to master httpx. A thread ๐Ÿ‘‡๐Ÿงต

httpx (from @pdiscoveryio) is a fast and multi-purpose HTTP toolkit. Let's find out how it works

๐Ÿ‘‡

#recon #httpx #bugbountytips #bugbounty #AttackSurfaceManagement #recontips
1/6 Standard use

httpx can be used with a target list or piped with other tools:

$ httpx -list subdomains.txt

$ subfinder -d ups. com | httpx -silent

$ httpx -l subs.txt -ports 8080 -threads 100
2/6 Specific Path or file:

It's possible to request a specific file or path useful for searching misconfiguration on multiple targets:

$ httpx -l subs.txt -silent -path โ€œ/.git/โ€ -fr -mc 200
Read 8 tweets
Profile picture
ReconOne
@ReconOne_bk
Subdomain Enumeration is a critical phase in the BugBounty game

Subfinder (from @pdiscoveryio) is one of the best tool for subdomain enumeration

Here are 6 steps to master this great tool ๐Ÿ‘‡๐Ÿงต

#recontips #bugbountytips #bugbounty #pentesting #AttackSurfaceManagement
1/6 Subdomain Enumeration

$ subfinder -d ups. com

$ subfinder -d ups .com -all -config config.yaml

$ subfinder -dL listOfDomains.txt -all
2/6 Sources

You can display, exclude or selecting the sources

$ subfinder -d ups. com -collect-sources

$ subfinder -d ups. com -exclude-sources crtsh,alienvault

$ subfinder -d ups. com -sources crtsh

$ subfinder -ls
Read 8 tweets

Related hashtags

#httpx #AttackSurfaceManagement #pentesting #recontips #bugbountytips #bugbounty #recon

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!