Recon

This is the final post in our blog series on reconnaissance for penetration testing and bug bounty hunting. In this post, we look at some more creative ways to do active and passive reconnaissance to ensure completely coverage of your target's assets. Subsidiary and Acquisition Enumeration Subsidiary and acquisition enumeration,

Template-based Scanning Template-based scanning is a technique that can be used as part of reconnaissance to identify vulnerabilities and misconfigurations in a target system or network. It involves using a set of predefined templates or rules to define the types of vulnerabilities and misconfigurations that should be looked for, and

Live Host Discovery After gathering all available subdomains, the following process filters all valid ones based on their HTTP method and response content. The httpx tool can collect information about a web server, such as the types of HTTP methods it supports and the contents of its HTTP headers. Httpx

Subdomain enumeration is an essential reconnaissance technique in the fields of penetration testing and bug bounty hunting. In this part of our series on reconnaissance, we will explore the importance of this technique, how it works, and which tools can be used to conduct subdomain enumeration. We will also discuss

Reconnaissance is a pivotal part of penetration testing and bug bounty hunting, and having an understanding of an organization's assets is crucial for assessing its attack surface. Procuring complete and accurate information during this phase is often crucial for the success of the pentest. This initial step is crucial because

In the era of application security, bug bounties have evolved and become mainstream for hackers around the globe. Hackers are constantly looking for new tactics to automate the process of reconnaissance and find different types of vulnerabilities. One of the first steps to hacking a larger scoped program is subdomain