场景
ASRC漏洞挖掘
方法论
1、Brands
Footers & about us:
- ASNs
Search unique identifier:
Name
Registered Email
- Search Engine Dorks
Google、bing、baidu、DuckDuckGO
GHDB:
- Search Engines for Servers
shodan
censys
zoomeye
2、Subdomain
- Subdomain Discovery
Subfinder
Amass
Aquatone
- Subdomain Bruteforcing
subbrute
massdns
subfinder
All.txt - JHaddix
- Fingerprinting
Wappalyzer
Builtwith
Vulners
WPScan
droopescan
3、Mapping
Directory brute forcing:
GoBuster Burp Discover Content Search engine dorks