Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-14 17:07:34 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] one page modified

Browse source
This commit is contained in:
CPol 2020-12-31 01:30:52 +00:00 committed by gitbook-bot
parent d7ec065283
commit 35e41d4c66
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
external-recon-methodology.md
View file

@ -320,6 +320,8 @@ Now that we have built the list of assets of our scope it's time to search for s
* extension:js jsforce conn.login
* extension:json googleusercontent client\_secret
You can also search for leaked secrets in all open repository platforms using: [https://searchcode.com/?q=auth\_key](https://searchcode.com/?q=auth_key)
## [**Pentesting Web Methodology**](pentesting/pentesting-web/)\*\*\*\*
Anyway, the **majority of the vulnerabilities** found by bug hunters resides inside **web applications**, so at this point I would like to talk about a **web application testing methodology**, and you can [**find this information here**](pentesting/pentesting-web/).