GitBook: [master] 3 pages and 4 assets modified
This commit is contained in:
parent
eea67b51e9
commit
aff5328770
Before Width: | Height: | Size: 740 KiB After Width: | Height: | Size: 740 KiB |
Before Width: | Height: | Size: 740 KiB After Width: | Height: | Size: 740 KiB |
@ -304,7 +304,7 @@ cat /tmp/domains.txt | httprobe -p http:8080 -p https:8443 #Check port 80, 443 a
|
|||||||
|
|
||||||
Now that you have discovered **all the web servers** present in the scope \(among the **IPs** of the company and all the **domains** and **subdomains**\) you probably **don't know where to start**. So, let's make it simple and start just taking screenshots of all of them. Just by **taking a look** at the **main page** you can find **weird** endpoints that are more **prone** to be **vulnerable**.
|
Now that you have discovered **all the web servers** present in the scope \(among the **IPs** of the company and all the **domains** and **subdomains**\) you probably **don't know where to start**. So, let's make it simple and start just taking screenshots of all of them. Just by **taking a look** at the **main page** you can find **weird** endpoints that are more **prone** to be **vulnerable**.
|
||||||
|
|
||||||
To perform the proposed idea you can use [**EyeWitness**](https://github.com/FortyNorthSecurity/EyeWitness), [**HttpScreenshot**](https://github.com/breenmachine/httpscreenshot), [**Aquatone**](https://github.com/michenriksen/aquatone), ****[**shutter**](https://shutter-project.org/downloads/) ****or [**webscreenshot**](https://github.com/maaaaz/webscreenshot)**.**
|
To perform the proposed idea you can use [**EyeWitness**](https://github.com/FortyNorthSecurity/EyeWitness), [**HttpScreenshot**](https://github.com/breenmachine/httpscreenshot), [**Aquatone**](https://github.com/michenriksen/aquatone), **\*\*\[**shutter**\]\(**[https://shutter-project.org/downloads/](https://shutter-project.org/downloads/)**\) \*\***or [**webscreenshot**](https://github.com/maaaaz/webscreenshot)**.**
|
||||||
|
|
||||||
## Cloud Assets
|
## Cloud Assets
|
||||||
|
|
||||||
@ -351,7 +351,7 @@ There are several tools out there that will perform part of the proposed actions
|
|||||||
* \*\*\*\*[**https://github.com/yogeshojha/rengine**](https://github.com/yogeshojha/rengine)\*\*\*\*
|
* \*\*\*\*[**https://github.com/yogeshojha/rengine**](https://github.com/yogeshojha/rengine)\*\*\*\*
|
||||||
* \*\*\*\*[**https://github.com/j3ssie/Osmedeus**](https://github.com/j3ssie/Osmedeus)\*\*\*\*
|
* \*\*\*\*[**https://github.com/j3ssie/Osmedeus**](https://github.com/j3ssie/Osmedeus)\*\*\*\*
|
||||||
* \*\*\*\*[**https://github.com/six2dez/reconftw**](https://github.com/six2dez/reconftw)\*\*\*\*
|
* \*\*\*\*[**https://github.com/six2dez/reconftw**](https://github.com/six2dez/reconftw)\*\*\*\*
|
||||||
* \*\*\*\*[**https://github.com/hackerspider1/EchoPwn**](https://github.com/hackerspider1/EchoPwn) ****- A little old and not updated
|
* \*\*\*\*[**https://github.com/hackerspider1/EchoPwn**](https://github.com/hackerspider1/EchoPwn) _\*\*_- A little old and not updated
|
||||||
|
|
||||||
## **References**
|
## **References**
|
||||||
|
|
||||||
|
@ -128,7 +128,7 @@ The response is a JSON dictionary with some important data like:
|
|||||||
* Signed using the **device identity certificate \(from APNS\)**
|
* Signed using the **device identity certificate \(from APNS\)**
|
||||||
* **Certificate chain** includes expired **Apple iPhone Device CA**
|
* **Certificate chain** includes expired **Apple iPhone Device CA**
|
||||||
|
|
||||||
![](../../../.gitbook/assets/image%20%28567%29%20%281%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29.png)
|
![](../../../.gitbook/assets/image%20%28567%29%20%281%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29.png)
|
||||||
|
|
||||||
### Step 6: Profile Installation
|
### Step 6: Profile Installation
|
||||||
|
|
||||||
|
@ -87,3 +87,7 @@ jar cmvf META-INF/MANIFEST.MF test.jar test.class
|
|||||||
https://github.com/securego/gosec
|
https://github.com/securego/gosec
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### PHP
|
||||||
|
|
||||||
|
[Psalm](https://phpmagazine.net/2018/12/find-errors-in-your-php-applications-with-psalm.html) and [PHPStan](https://phpmagazine.net/2020/09/phpstan-pro-edition-launched.html).
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user