场景
ASRC漏洞挖掘
方法论
1、Brands
Footers & about us: https://www.alibaba.com/
- ASNs
http://viewdns.info/reversewhois/
Search unique identifier:
Name
Registered Email
- Search Engine Dorks
Google、bing、baidu、DuckDuckGO
GHDB: https://www.exploit-db.com/google-hacking-database/
- Search Engines for Servers
shodan
censys
zoomeye
2、Subdomain
- Subdomain Discovery
Subfinder
Amass
Aquatone
- Subdomain Bruteforcing
subbrute
massdns
subfinder
All.txt - JHaddix
- Fingerprinting
Wappalyzer
Builtwith
Vulners
WPScan
droopescan
3、Mapping
Directory brute forcing:
GoBuster
Burp Discover Content
Search engine dorks