Discover and read the best of Twitter Threads about #recontips

Most recents (5)

ProjectDiscovery Recon Series πŸ”₯

Your daily Sunday reading is brought to you by @pdiscoveryio with its Recon 101 Series.πŸ§΅πŸ‘‡

#Recon #AttackSurface #bugbounty #recontips #projectdiscovery Image
1 - Active and Passive Recon

Master both techniques to uncover target info stealthily.

blog.projectdiscovery.io/reconnaissance…
2 - Subdomain Enumeration

Unveil hidden web assets.

blog.projectdiscovery.io/recon-series-2/
Read 6 tweets
Want to improve your network scanning skills with Nmap? πŸ•΅οΈβ€β™€οΈπŸ’»

Check out these 5 quick tips to define targets, speed up scans, and scan with specific script categories! πŸ§΅πŸ‘‡

#recon #recontips #AttackSurface #bugbounty #recontools #cybersecurity
1/5 Let's start with how to define targets.

Define targets for nmap scan by specifying IP addresses, IP ranges, domain names, or using a target list file.

$ nmap <IP1> <IP2> …
$ nmap 192.168.0.1/24
$ nmap <domain name>
$ nmap -iL <target list file>
2/5 The Ippsec scan for basic coverage.

Perform a comprehensive network scan using nmap's Ippsec initial scan.

$ nmap 127.0.0.1 -sC -sV -oA initial_nmap_scan
Read 7 tweets
🧡 Here we are! Katana, a new web Crawler by @pdiscoveryio

Let's see how it works. A thread πŸ‘‡πŸ§΅

#recontips #recon #projectdiscovery #hackwithautomation #bugbounty
1/7 - Quick Start - Crawling Mode

You can crawl websites in Standard mode or Headless mode (-hl). Add -jc for JS Crawling

$ katana -u http://testphp.vulnweb. com

$ katana -u http://testphp.vulnweb. com -hl

$ katana -list url_list.txt -jc
2/7 - Filters - 1

You can filter results to show only urls,path,file, and much more

$ katana -u http://testphp.vulnweb. com -fields path

$ katana -u http://testphp.vulnweb. com -fields file

$ katana -u http://testphp.vulnweb. com -fields dir
Read 9 tweets
6 easy steps to master httpx. A thread πŸ‘‡πŸ§΅

httpx (from @pdiscoveryio) is a fast and multi-purpose HTTP toolkit. Let's find out how it works

πŸ‘‡

#recon #httpx #bugbountytips #bugbounty #AttackSurfaceManagement #recontips
1/6 Standard use

httpx can be used with a target list or piped with other tools:

$ httpx -list subdomains.txt

$ subfinder -d ups. com | httpx -silent

$ httpx -l subs.txt -ports 8080 -threads 100
2/6 Specific Path or file:

It's possible to request a specific file or path useful for searching misconfiguration on multiple targets:

$ httpx -l subs.txt -silent -path β€œ/.git/” -fr -mc 200
Read 8 tweets
Subdomain Enumeration is a critical phase in the BugBounty game

Subfinder (from @pdiscoveryio) is one of the best tool for subdomain enumeration

Here are 6 steps to master this great tool πŸ‘‡πŸ§΅

#recontips #bugbountytips #bugbounty #pentesting #AttackSurfaceManagement
1/6 Subdomain Enumeration

$ subfinder -d ups. com

$ subfinder -d ups .com -all -config config.yaml

$ subfinder -dL listOfDomains.txt -all
2/6 Sources

You can display, exclude or selecting the sources

$ subfinder -d ups. com -collect-sources

$ subfinder -d ups. com -exclude-sources crtsh,alienvault

$ subfinder -d ups. com -sources crtsh

$ subfinder -ls
Read 8 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!