2017-08-17 17:19:56 +00:00
|
|
|
## Special Tools
|
|
|
|
|
|
|
|
**Resolution**
|
|
|
|
|
|
|
|
- http://dnsbin.zhack.ca (DNS)
|
|
|
|
- http://pingb.in (DNS)
|
|
|
|
- http://requestb.in (HTTP)
|
2017-09-06 14:33:54 +00:00
|
|
|
- https://www.mockbin.org/ (HTTP)
|
2017-08-17 17:19:56 +00:00
|
|
|
|
|
|
|
**Wildcard DNS**
|
|
|
|
|
|
|
|
- http://xip.io
|
|
|
|
|
|
|
|
```
|
|
|
|
10.0.0.1.xip.io
|
|
|
|
www.10.0.0.1.xip.io
|
|
|
|
mysite.10.0.0.1.xip.io
|
|
|
|
foo.bar.10.0.0.1.xip.io
|
|
|
|
```
|
|
|
|
|
|
|
|
- http://nip.io
|
|
|
|
|
|
|
|
```
|
|
|
|
10.0.0.1.nip.io
|
|
|
|
app.10.0.0.1.nip.io
|
|
|
|
customer1.app.10.0.0.1.nip.io
|
|
|
|
customer2.app.10.0.0.1.nip.io
|
|
|
|
otherapp.10.0.0.1.nip.io
|
|
|
|
```
|
|
|
|
|
|
|
|
**Reconnaissance**
|
|
|
|
|
2017-09-27 16:45:32 +00:00
|
|
|
- https://dnsdumpster.com (DNS and subdomain recon)
|
|
|
|
- http://threatcrowd.org (WHOIS, DNS, email, and subdomain recon)
|
|
|
|
- https://mxtoolbox.com (wide range of DNS-related recon tools)
|
2017-09-06 14:33:54 +00:00
|
|
|
- https://publicwww.com/ (Source Code Search Engine)
|
2017-10-06 07:34:40 +00:00
|
|
|
- http://ipv4info.com/ (Find domains in the IP block owned by a Company/Organization)
|
2017-09-28 09:54:14 +00:00
|
|
|
- [HackerTarget Tools](https://hackertarget.com/ip-tools/) (DNS recon, site lookup, and scanning tools)
|
2017-09-27 16:45:32 +00:00
|
|
|
- [VirusTotal](https://virustotal.com/en-gb/domain/google.com/information/) (WHOIS, DNS, and subdomain recon)
|
|
|
|
- [crt.sh](https://crt.sh/?q=%25.uber.com) (SSL certificate search)
|
|
|
|
- [Google CT](https://transparencyreport.google.com/https/certificates) (SSL certificate transparency search)
|
2017-10-04 07:45:20 +00:00
|
|
|
- [PenTest Tools](https://pentest-tools.com/information-gathering/google-hacking) (Google dorks)
|
2017-10-06 07:34:40 +00:00
|
|
|
- [Wayback Machine](https://archive.org/web/) (Find stuff which was hosted on the domain in past)
|
|
|
|
|
2017-09-27 15:47:27 +00:00
|
|
|
|
|
|
|
|
|
|
|
**Report Templates**
|
|
|
|
|
|
|
|
- https://github.com/fransr/template-generator
|
|
|
|
- https://github.com/ZephrFish/BugBountyTemplates
|