-
-
Notifications
You must be signed in to change notification settings - Fork 938
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue for tracking some Discord topics #821
Comments
Origin ip flow: discover origin ip for domains and subs there are a bunch of tools that do this but I think reconftw already does this, not sure how well though. Add Fuzzing paths to the main url list : Do we append discovered paths from fuzzing to the urls for further processing? For example for running them through gf and other tools and eventually end up with more targets for vuln testing. If not, we should append 200 hits on fuzzing in the url list from crawling and other sources and then proceed with the rest. Verbose mode: A flag that will show the full output from each tool while they run so you can troubleshoot and find issues and tools that stuck . Also good to check on why some tools take to long and be able to see the progress of them. |
Another nice tool for when Jira is detected : https://github.com/MayankPandey01/Jira-Lens |
Maybe also have a look into brokenlinks, from what ive checked the current tool provides broken links only within the target scope , domain/subdomain but it doesnt detect thirdparty broken links which are good to find takeovers on and takeover broken links . Maybe use another tool that can do that or adjust the flags. |
Another workflow for IIS : Detect IIS servers , using nuclei or any other tool then run them against https://github.com/bitquark/shortscan for detecting diretories and file names for further exploitation. |
The text was updated successfully, but these errors were encountered: