## Special Tools **Resolution** - http://dnsbin.zhack.ca (DNS) - http://pingb.in (DNS) - http://requestb.in (HTTP) - https://www.mockbin.org/ (HTTP) **Wildcard DNS** - http://xip.io ``` 10.0.0.1.xip.io www.10.0.0.1.xip.io mysite.10.0.0.1.xip.io foo.bar.10.0.0.1.xip.io ``` - http://nip.io ``` 10.0.0.1.nip.io app.10.0.0.1.nip.io customer1.app.10.0.0.1.nip.io customer2.app.10.0.0.1.nip.io otherapp.10.0.0.1.nip.io ``` **Reconnaissance** - https://dnsdumpster.com (DNS and subdomain recon) - http://threatcrowd.org (WHOIS, DNS, email, and subdomain recon) - https://mxtoolbox.com (wide range of DNS-related recon tools) - https://publicwww.com/ (Source Code Search Engine) - [VirusTotal](https://virustotal.com/en-gb/domain/google.com/information/) (WHOIS, DNS, and subdomain recon) - [crt.sh](https://crt.sh/?q=%25.uber.com) (SSL certificate search) - [Google CT](https://transparencyreport.google.com/https/certificates) (SSL certificate transparency search) **Report Templates** - https://github.com/fransr/template-generator - https://github.com/ZephrFish/BugBountyTemplates