Passive information collection using Recon ng

Passive information collection using Recon ng Full feature web information search framework, developed based on Python. Note: when reading this article, pay attention to reading the comments in the code at the same time. 1. Enter Recon ng environment 1.1 welcome interface _/_/_/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ ...

Posted by deurwaarder on Fri, 08 Oct 2021 18:28:29 -0700

[netding Cup 2018]Fakebook - SSRF / deserialization vulnerability / SQL injection

Solution I Solution II Solution III Test site • directory scanning • SSRF • SQL injection • PHP deserialization When we get the website, we first need to collect information about the website to expand the probability of vulnerability discovery, such as whois, fingerprint identification, scanning the directory of ...

Posted by IndianaRogers on Wed, 29 Sep 2021 15:46:51 -0700

On batch mining of src vulnerabilities

preface This blog post only talks about vulnerability utilization and batch mining. Before contacting src, I had the same question with many masters, that is, how did those masters dig holes in batches? After climbing for two months, I gradually have my own understanding and experience, so I intend to share it and communicate with all masters. ...

Posted by LaWr3nCe on Thu, 23 Sep 2021 05:58:29 -0700