Bug bounty programs offer a unique opportunity for security researchers to test and identify vulnerabilities in applications and systems, all while earning rewards for their efforts. However, with so many programs available, it can be challenging for researchers to find new targets and prioritize their efforts effectively. This is where the Chaos Bug Bounty Recon Data API from Project Discovery can be incredibly helpful. The Chaos Bug Bounty Recon Data
recon
noviembre 28, 2022
reconFTW – Yet another new recon tool
According to its GitHub page, reconFTW is desdribed as: ReconFTW automates the entire process of reconnaissance for you. It outperforms the work of subdomain enumeration along with various vulnerability checks and obtaining maximum information about your target. ReconFTW uses a lot of techniques (passive, bruteforce, permutations, certificate transparency, source code scraping, analytics, DNS records…) for subdomain enumeration which helps you to get the maximum and the most interesting subdomains so that
mayo 23, 2022
reNgine: A brief overview
ReNgine is a very complete recon tool that can be very helpful to centralize all your recon in one site. Its main website defines it as: «The only web application recon tool you will ever need!« Currently is capable of performing: Although reNgine can be installed in a local machine, it is recommended to be installed in a VPS. Here, I will show how I installed it in a Digital
mayo 9, 2022
Wordlists for your daily work
When we do pentesting and bug bounty the most important phase is always recon and one of the most important elements for your recon is the wordlist. It is said that «Your recon is as good as your wordlist is». In our Kali Linux, there are by default different good wordlists at /usr/share/wordlists: $ cd /usr/share/wordlists dirb dirbuster fasttrack.txt fern-wifi metasploit nmap.lst rockyou.txt wfuzz While dirb, dirbuster and wfuzz can
mayo 2, 2022
FinalRecon (web reconnaissance tool)
As it is described in its website: FinalRecon is an automatic web reconnaissance tool written in python. Goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another it can provide similar results keeping dependencies small and simple. https://github.com/cbk914/finalrecon Installation $ sudo apt install finalrecon Usage $ finalrecon.py <arguments> url