Please enable JavaScript.
Coggle requires JavaScript to display documents.
Information Gathering (Gathering Information on Your Targets (Sorts Of…
Information Gathering
Gathering Information on Your Targets
What Is Info Gathering?
Black-Box Test
Sorts Of Information?
Infrastructure (Web Server, CMS, DataBases)
Application Logic
IPs, Domains and Subdomains
Virtual Hosts
Finding Owner, IP Addresses and Emails
WHOIS
DNS
Nslookup
Google Hacking
intitle
Site
Double quotes
filetype
Infrastructure
Fingerprinting The Web Server
NetCraft
Server Version
IP Addresses
Name Servers
Uptime stats
IP Address Owner
Host Provider
Security Modules
Bypass
Wappalayzer
httprint
whatweb
NetCat
mod-security WEBSITE
Obfuscate Service Banner
URL Rewriting [Search Engine Friendly URLs]
.htaccess [Apache Config File]
mod-rewrite [Apache Config File]
Subdomains Enumeration
NetCraft Search
Google Search Operators
Site:
inurl:
-site
-inurl
Tools
Subbrute
dnsrecon
theHarvester
Zone Transfare
nslookup
dig
Virtual Hosts
fierce
Applications
Shodan HQ
Scans Entire Internet
Scanning Ports
Filters
Before / After
Hostname
Port
OS
Country
Fingerprinting Frameworks and Applications
CMs
Add-Ons
Fingerprinting Custom Applications
Custom Apps
Components
Forms
Blogs
Shopping
Burp Target Crawlers
Spider
Site Map
Functional Graph
Purpose of website
Core of website
Main Areas of website
Third Party Apps
Attack Surface
Client Side Validation
SQL Injection
XSS
Database Interaction
SQL Injection
File Uploading & Downloading
Remote
Local File Inclusion
Display of User Supplied Data
Cross Site Scripting
Redirections
3XX Response
Time Based Rediredtion
Meta Tag
HTTP Response splitting
Header Manipulation
Access Controls and Login Protected Pages
Authentication bypass techniques
password brute forcing
Error Messages
Charting
Tree Based
Table Based
Enumerating Resources
Enumerating Resources
Crawling
Spider
Finding Hidden Files
DirBuster
Status Code 200
Backup Files .bak
Enumerating Users Accounts
Burp Suit
Patator
Information Disclosure Through Misconfiguration
Log and Config files
configuration.php.bak
HTTP Verbs and File Upload
OPTIONS HTTP
NOT (4XX,5XX)
PUT
Content Lenght
201 Created
Directory Listing
Python Scripting