Intelligence gathering and enumerating a target across various data sources are essential techniques during the reconnaissance phase: they give a broader scope for investigating different sets of infrastructure and provide plenty of assets from which to build a solid attack vector. You'll also have a better chance of finding more vulnerabilities in a target. But gathering intelligence on a target isn't always simple, especially when collecting subdomains, which requires connecting the target with different data sources.
In this article, I'll discuss my favourite recon tools, which I often use in bug bounty. A few years ago, I shared my RECON steps for bug bounty, with essential tools, in a Twitter post. That post got some serious attention, and people in security from all over the world saw it. The thread got more than 40,000 views, and people are still following it today; I really appreciate it.
HTTP Request Smuggling (HRS) is a critical, high-severity vulnerability. It was initially discovered by Watchfire back in 2005 and later rediscovered in August 2019 by James Kettle (albinowax), who presented his research at DEF CON 27 and Black Hat USA. An HRS vulnerability allows an attacker to smuggle an ambiguous HTTP request as a second request inside a single HTTP request, in order to bypass the security controls of a website, gain access to unauthorized sensitive data, and perform malicious activities. To learn more about this vulnerability, I highly suggest referring to James Kettle's well-documented research blogs on the PortSwigger website.
A portfolio site is essential for every software developer to showcase projects and technical skills, demonstrating what you can do beyond your resume. Your portfolio will be very helpful in the job search, because an employer can see your work and more easily evaluate it for a suitable job. Nowadays it is quite essential for every software developer to maintain a web presence, such as an official GitHub account, a Twitter account and your own website, so that you can reach out to developer communities and build a developer network.
Forest Assassin is a 2D adventure platformer game with easy controls and fun gameplay, which helps everyone get started. It is a classic platformer with wonderfully designed characters and world. To complete the game, collect all the coins and the trophy; try to collect all 100 gold coins to become the highest scorer in this adventure platformer. On your way you will face many obstacles and enemies, and you use your sword to fight them.
Coronavirus (COVID-19) is an infectious disease caused by respiratory illness, with symptoms like flu, cough, fever and difficulty breathing. The first case was recorded in Wuhan, China, on December 31, 2019; the virus later spread around the world, and as of now around 1 million+ confirmed cases have been recorded.
Information gathering is the most important stage of every penetration test: it gives you a better understanding of your target, for exploiting vulnerabilities, and of information such as IP addresses, subdomains, open ports, etc. To gather this information you need proper reconnaissance tools. Many recon tools are available on GitHub, and among them I found the top 10 recon tools that you can use to gather all of this information about your target.
This is a demonstration of a Stored Cross-Site Scripting attack in SQLiteManager and the User-Agent header. For this demo, I'll be using bWAPP, a buggy web application that we can use to test various vulnerabilities on the web.