Recon

This is part one of our two-part series on polite hacking, focusing on what to do. Part two talks about what not to do (link coming soon).  This blog is not about techniques. It’s not about tools to use, how to find the vulnerability, or anything like that. There

Welcome to a 5 part series on Recon with ProjectDiscovery! * Part 1 * Part 2 * Part 3 * Part 4 * Part 5 * This is the final post in our blog series on reconnaissance for penetration testing and bug bounty hunting. In this post, we look at some more creative ways to do

Welcome to a 5 part series on Recon with ProjectDiscovery! * Part 1 * Part 2 * Part 3 * Part 4 * Part 5 * Template-based Scanning Template-based scanning is a technique that can be used as part of reconnaissance to identify vulnerabilities and misconfigurations in a target system or network. It involves using a

Welcome to a 5 part series on Recon with ProjectDiscovery! * Part 1 * Part 2 * Part 3 * Part 4 * Part 5 * Live Host Discovery After gathering all available subdomains, the following process filters all valid ones based on their HTTP method and response content. The httpx tool can collect information about

Welcome to a 5 part series on Recon with ProjectDiscovery! * Part 1 * Part 2 * Part 3 * Part 4 * Part 5 * Subdomain enumeration is an essential reconnaissance technique in the fields of penetration testing and bug bounty hunting. In this part of our series on reconnaissance, we will explore the importance

Welcome to a 5 part series on Recon with ProjectDiscovery! * Part 1 * Part 2 * Part 3 * Part 4 * Part 5 * Reconnaissance is a pivotal part of penetration testing and bug bounty hunting, and having an understanding of an organization's assets is crucial for assessing its attack surface. Procuring

In the era of application security, bug bounties have evolved and become mainstream for hackers around the globe. Hackers are constantly looking for new tactics to automate the process of reconnaissance and find different types of vulnerabilities. One of the first steps to hacking a larger scoped program is subdomain

What is Katana? Katana is a command-line interface (CLI) web crawling tool written in Golang. It is designed to crawl websites to gather information and endpoints. One of the defining features of Katana is its ability to use headless browsing to crawl applications. This means that it can crawl single-page

In this blog we’ll discuss the basics of proxies, explain what Proxify is and how it can be used. You’ll learn how to: 1. Install and run Proxify 2. Customize proxy output files and addresses 3. Use DSL language to match and/or replace requests/responses from CLI.