Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
• VirusTotal
• Virustotal is a platfrom used to gather information about a domain.
• https://www.virustotal.com/gui/
• Sublist3r
• Sublist3r is a tool used for finding subdomains
• NMMAPPER
• https://www.nmmapper.com/
Sublist3r
• Installing Sublist3r
• git clone https://github.com/aboul3la/Sublist3r.git
• cd Sublist3r/
• pip3 install -r requirements.txt
• apt-get install python-requests
• apt-get install python-dnspython
• apt-get install python-argparse
• python3 setup.py install
• sublist3r -h
Sublist3r
• Installing Sublist3r in Windows:
• cd Sublist3r/
• python.exe -m pip install -r requirements.txt
• python.exe -m pip install requests
• python.exe -m pip install dnspython
• python.exe -m pip install win_unicode_console colorama
• python3 setup.py install
• sublist3r -h
Bonus: Grabify-ip
• Grabify is an IP logger, Using grabify we can capture the
users’s IP address very easily.
• Web: https://grabify.link/
How to prevent Grabify-ip(poc)
• ExpandURL.net is a service where you can find out where the
destination of a shortened URL will take you to before
clicking on the link.
• web: https://www.expandurl.net/
Infoga - Email OSINT
• Infoga is a tool for gathering email accounts informations
(ip,hostname,country) from different public source (search
engines, pgp key servers and shodan) and check if emails was
leaked using haveibeenpwned.com API. Is a really simple tool,
but very effective for the early stages of a penetration test or
just to know the visibility of your company in the Internet.
• Gituhub: https://github.com/m4ll0k/Infoga
Infoga - Email OSINT
• Installation
• git clone https://github.com/m4ll0k/Infoga.git infoga
• cd infoga
• python setup.py install
• python infoga.py
• Usuage:
• python infoga.py --domain nsa.gov --source all --breach -v 2 --report nsa_gov.txt
Introduction about burpsuite
• Burpsuite is a GUI tool created by portswigger used intercept
and manipulate communication in between the client and
server.
Note: Click the check box with Also use this proxy...
Step-15: Click on OK
Step-16: Inside search bar type certificates
Step-17: Click on view certificates button
Step-18: Take a new tab and type http://burp and hit enter