Passive information Gathering
Google Dorking
site:megacorpone.com -filetype:html
The Direcotry Listing like google dorking
intitle:"index of" "parent directory"
Netcraft Website
from
site report > site technology
>> List the subdomian technologies
Search from GitHub, GitLab, GitHub Gist, SourceForge
You can search online source codes repositories
Sometime
api key
,credential leak
form this siteTools
gitleaks
Shodan
Shodan querys
hostname:megacorpone.com port:"22"
Security Headers and SSL/TLS
https://www.secuirtyheaders.com
The missing headers are not necessarily vulnerability themselves, but they could indicate web dev or server admin are not familier with server hardening
Last updated