Be creative when it comes to keywords and use their search! Check their GitHub company profile, filter for languages and start searching: I can only recommend watching his video together with where he shares some insights.

GitHub Recon

GitHub is a goldmine - mastered it to find secrets on GitHub. Interesting endpoints, and probably secrets that shouldn't be there, can be found! Make sure you check GitHub - type in the domain of the company and manually look through the code results.

Use GitHub search and other search engines

The tool subfinder (look above) already provides the possibility to use search engines for subdomain enumeration, but it does not support GitHub.

Make sure to test our tool - it's completely free for up to 2 domains and 50 subdomains! Go ahead! Get free security reports for your company's domain! You will need to verify that you are the owner of the domain you want to scan, though. Offensity helps professional IT admins identify vulnerabilities by scanning their infrastructure and uses a lot of the techniques described here. We are a team of security enthusiasts based in Austria who want to make the Internet a better and safer place.

In this blog post I want to explain how I normally perform reconnaissance during pentests and for bug bounties. Bounty hunters like and are showing this regularly, and I can only recommend following them and using their tools. There are still "easy wins" out there which can be found if you have a good strategy when it comes to reconnaissance. Especially when it comes to bug bounty hunting, reconnaissance is one of the most valuable things to do.