OSINT / Recon
Reconnaissance 102: Subdomain Enumeration https://blog.projectdiscovery.io/reconnaissance-series-4/
https://twitter.com/pdnuclei/status/1638180471644340225
projectdiscovery/pdtm: ProjectDiscovery’s Open Source Tool Manager
https://github.com/blacklanternsecurity/bbot?mc_cid=a39ce637a8&mc_eid=cc1b4fe73e
Implementing Nuclei into your GitHub CI/CD pipelines
| [How to use CloudQuery for Attack Surface Management and Graph Visualization | CloudQuery](https://www.cloudquery.io/how-to-guides/attack-surface-management-with-graph) |
Optimizing Wordlists with Masks · Cyber & Stuff
dhn/udon: A simple tool that helps to find assets/domains based on the Google Analytics ID.
Project Bishop: Clustering Web Pages – NCC Group Research
| [Subdomain Enumeration: Creating A Highly Efficient Wordlist By Scanning The Entire Internet: A Case Study (Part 1) | n0kovo](https://n0kovo.github.io/posts/subdomain-enumeration-creating-a-highly-efficient-wordlist-by-scanning-the-entire-internet/?utm_medium=email) |
Implementing Nuclei into your GitHub CI/CD pipelines
The Anti-Recon Recon Club (using ReconFTW)
elceef/subzuf: a smart DNS response-guided subdomain fuzzer
Scaling security automation with Docker - Detectify Labs
edoardottt/csprecon: Discover new target domains using Content Security Policy
cramppet/regulator: Automated learning of regexes for DNS discovery
Subdomain Enumeration with DNSSEC https://twitter.com/bka
JupiterOne & Project Discovery: Automating Nuclei with JupiterOne
Building a Fast One-Shot Recon Script for Bug Bounty
blacklanternsecurity/bbot: OSINT automation for hackers.
rapid7/recog: Pattern recognition for hosts, services, and content
Regulator: A unique method of subdomain enumeration
Subdomain Enumeration Tool Face-off 2022
The Ultimate Guide to Finding Bugs With Nuclei
Introducing ASNMap: A Golang CLI tool for speedy reconnaissance using ASN data
ASNmap is a CLI tool written in Golang, and used to query Autonomous System Data. The data is pulled from api.asnmap.sh, which returns data that is parsed from the well-known IPtoASN database.
A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers
Qianlitp/crawlergo: A powerful browser crawler for web vulnerability scanners
A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers
Context-Aware Content Discovery with Chameleon
hakluke/hakscale: Distribute ordinary bash commands over many systems
Microsoft announces new external attack surface audit tool
DM: Microsft has entered the Attack Surface Management space with a new tool called Microsoft Defender Attack Surface Management. It sports a real-time inventory, attack surface visibility, exposure detection and prioritization.
| [GitHub Recon - It’s Really Deep. Hello everyone, I know that my speed of… | by Jerry Shah (Jerry) | Medium](https://shahjerry33.medium.com/github-recon-its-really-deep-6553d6dfbb1f) |
Automata: A General-Purpose Automation Platform TODO
ProjectDiscovery’s Best Kept Secrets TODO
@seclilc Talks About Hacking, Recon and Breaking Into Cybersecurity - YouTube
Dorks for Intelligence X and Google
A curated list of dorks relevant to Intelligence X and Google, including invite
URLs for Skype, Hangouts, Zoom, Telegram, WhatsApp, and more.
Sandcastle – AWS S3 Bucket Enumeration Tool
Takes a target’s name as the stem argument (e.g. “Shopify”) and iterates through a file of bucket name permutations. Looks for bucket names like -training, -bucket, -dev, etc. Example bucket name files here.
thewhiteh4t/FinalRecon
“OSINT Tool for All-In-One Web Reconnaissance.” Includes: Whois, SSL cert info, DNS and subdomain enumeration, directory scanning, and more.
Sifter - A OSINT, Recon And Vulnerability Scanner
The Cyber Intelligence Analyst’s Cookbook
https://twitter.com/hackermaderas/status/1238562612968927234?s=20&mc_cid=3291d2d08c&mc_eid=cc1b4fe73e
Scope Based Recon Methodology: Exploring Tactics for Smart Recon | by Harsh Bothra | Feb, 2021 | Cobalt.io https://twitter.com/harshbothra_