Hi,
I hope all of you are fine. today I writing this blog for those people who don't know how can they approach hacking or those who don't know hacking methodology we will discuss this here so without testing let us get deep into it.
First of all, you need some tools for Information gathering tools if you don't have so I suggest you install Kali Linux on your laptop/computer.
I suggest some tools that you to install in kali linux for bug hunting
List:
1) Findomain (https://github.com/Findomain/Findomain)
2) Subfinder (https://github.com/projectdiscovery/subfinder)
3) Assetfinder (https://github.com/tomnomnom/assetfinder)
4) Waybackurls (https://github.com/tomnomnom/waybackurls)
5) Httpx (https://github.com/projectdiscovery/httpx)
6) Httprobe (https://github.com/tomnomnom/httprobe)
Lets get dive into methodology(Here i give you an some method for how can you gather information about target)
First of all you need to use Findomain,Subfinder,Assetfinder for finding subdomains of domain that given by programs. use findomain and save the output of findomain subdomain in one file we give here name findomain.txt as the findoamin use subfinder , Assetfinder and save all the files.
then remove all the duplicate subdomains and make one file that can be allsubdomain.txt after you need to use httpx/httprobe for live subdomain then extract all alive subdomains in livesubdomain.txt then you need to use waybackurls tool for finding URLs of all subdomains.
after you can Hunt on those live subdomains and got a bounty(but keep hard work).
If you want blog on Google Dorking so comment down below if you want on another topic blog we can make.
Thank you.
all tools credit goes to their developer.
Comments
Post a Comment