馃悋
CheatSheet
  • Inicio
  • Web Site
    • Subdomain
  • API
    • Recolecci贸n de Informacion
      • Directorios
      • OSINT
      • Enumeracion en Endpoints
    • Busqueda de Vulnerabilidades
      • Validaciones
      • Mal manejo de errores
      • Sesiones
      • IDOR
      • Ataques de Inyecci贸n
      • Exposici贸n de datos sensibles
      • Otras posibles vulnerabilidades
      • Rate Limit
      • Cors
      • Ataques de Cabeceras
      • Prototype Pollution
      • Ataque de deserializaci贸n
      • Ataques JWT
  • Mobile
    • PlayStore to APK
    • Bypass Ofuscacion Xamarin
    • Bypass Flutter
  • Miscelanio
    • SSH
    • Docker
    • DNS
    • Silver Ticket
    • LDAP
    • Shell Command Files (SCF)
    • SPOOLER
    • JuicyPotato
    • TOMCAT
    • Proc Enum
    • Primitives
    • Archivos .crash
    • Nginx
    • FTP
    • Pivoting
    • Web API to Postman
    • Web Sockets
    • OTP
    • FastInfoset
  • Post Explotaci贸n
    • Dump HTTP Credentials
  • Configuraciones Burpsuite
    • BurpCollaborator Server Privado
Powered by GitBook
On this page
  • Motores de busqueda
  • Postman Publicos
  • Way Back URLs
  • Gau
  • Repositorios publicos de GitHub
  • AMASS
  1. API
  2. Recolecci贸n de Informacion

OSINT

Last updated 1 year ago

Motores de busqueda

Google Dorks

Shodan

Duck Duck Go

Bing

Postman Publicos

site:postman.com inurl:(workspace & overview) intext:"KEYWORD"

Way Back URLs

echo 'site.com' | waybackurls | tee site.urls

Gau

gau --o site.urls site.com

Repositorios publicos de GitHub

./gitgot.py -q example.com

AMASS

GitHub - owasp-amass/amass: In-depth Attack Surface Mapping and Asset DiscoveryGitHub
Logo
GitHub - techgaun/github-dorks: Find leaked secrets via github searchGitHub
GitHub - BishopFox/GitGot: Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.GitHub
GitHub - lc/gau: Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.GitHub
GitHub - tomnomnom/waybackurls: Fetch all the URLs that the Wayback Machine knows about for a domainGitHub
Logo
Logo
Logo
Logo