26/06/2019
Censys is a public search engine for researchers to find out information concerning a server quickly.
Censys works by scanning the domains across the internet weekly. The scans conducted are done using the tools available on the ZMap Project, these include ZMap, ZTag, ZGrab, ZDNS, and etc.
Ex:
26/06/2019
WPScan is a tool built using ruby that scans a WordPress site in order to retrieve information
wpscan --url insert_url_here
Using the code above you are able to scan a WordPress website
Example:
wpscan --url team1.pentest.id
Furthermore, you can use the command below
wpscan --hh
to get a full list of the available options like:
- Enumeration
- Password attack
- etc…
26/06/2019
Google Dorks is a way of using Google’s searching tools in order to find information or misconfigured servers
Ex:
Finding misconfigured Laravel Applications
index of ".env"
Finding misconfigured servers that have “ktp” files
index of "ktp"
Finding misconfigured servers that have “kk” files
index of "kk"
Read More:
Database of Google Dorks: https://www.exploit-db.com/google-hacking-database