
Contents

• Sub Domain Enumeration (Github & GUI tools)
• Grabify-ip
• Email infoga
• Installation of Burp Suite
• Data tampering
Subdomain Enumeration (Github & GUI Tools)

• VirusTotal
• VirusTotal is a platform used to gather information about a domain.
• https://www.virustotal.com/gui/

• Sublist3r
• Sublist3r is a tool used for finding subdomains.

• NMMAPPER
• https://www.nmmapper.com/
Sublist3r
• Installing Sublist3r
• git clone https://github.com/aboul3la/Sublist3r.git
• cd Sublist3r/
• pip3 install -r requirements.txt
• apt-get install python-requests
• apt-get install python-dnspython
• apt-get install python-argparse
• python3 setup.py install
• sublist3r -h
Sublist3r
• Installing Sublist3r in Windows:
• cd Sublist3r/
• python.exe -m pip install -r requirements.txt
• python.exe -m pip install requests
• python.exe -m pip install dnspython
• python.exe -m pip install win_unicode_console colorama
• python3 setup.py install
• sublist3r -h
Bonus: Grabify-ip
• Grabify is an IP logger. Using Grabify, the user's IP address
can be captured very easily.

• Web: https://grabify.link/
How to prevent Grabify-ip (PoC)
• ExpandURL.net is a service that shows you the destination of a
shortened URL before you click on the link.
• web: https://www.expandurl.net/
Infoga - Email OSINT
• Infoga is a tool for gathering email account information
(IP, hostname, country) from different public sources (search
engines, PGP key servers and Shodan) and for checking whether
emails were leaked, using the haveibeenpwned.com API. It is a
really simple tool, but very effective for the early stages of a
penetration test or just to know the visibility of your company
on the Internet.

• GitHub: https://github.com/m4ll0k/Infoga
Infoga - Email OSINT
• Installation
• git clone https://github.com/m4ll0k/Infoga.git infoga
• cd infoga
• python setup.py install
• python infoga.py

• Usage:
• python infoga.py --domain nsa.gov --source all --breach -v 2 --report nsa_gov.txt
Introduction to Burp Suite
• Burp Suite is a GUI tool created by PortSwigger, used to intercept
and manipulate communication between the client and the
server.

• Burp Suite Community Edition comes pre-installed in Kali Linux.


Installing Burp suite
• Burp Suite comes pre-installed in Kali Linux. Burp Suite can
also be installed on Windows, so let's look into the
installation process. The step-by-step process is provided in the
upcoming slides.
• Go to https://portswigger.net/ and click on Products
• Select the Get Community option
• Click on Download the latest version
• Click on Download and save the file
• Double-click on the downloaded file

• Note: If prompted with Yes or No options, click on Yes

• Now click on Next
• Now click on Next
• Click on Next
• Let the files get extracted
• Click on Finish
Configuration of burpsuite
Step-1: Click on the Start button, type burp and click to open Burp Suite
Step-2: Click on Next
Step-3: Click on Start Burp
Step-4: This is the Burp Suite dashboard
Step-5: Click on the Proxy tab
Step-6: Click on "Intercept is on" to turn the intercept off
Step-7: Click on the Options tab
Step-8: Open Firefox and click on the menu button
Step-9: Click on Options
Step-10: Inside the search bar, type proxy
Step-11: Click on the Settings button under Network Settings
Step-12: You will get the Connection Settings window
Step-13: Select Manual proxy configuration
Step-14: Type 127.0.0.1 in HTTP Proxy and 8080 in Port

Note: Tick the check box "Also use this proxy..."
Step-15: Click on OK
Step-16: Inside the search bar, type certificates
Step-17: Click on the View Certificates button
Step-18: Open a new tab, type http://burp and hit Enter

Note: Check that Burp Suite -> Proxy -> Intercept is turned off

Step-19: Click on CA Certificate to download it
Step-20: Select Save and click on OK to download
Step-21: Get back to the Firefox Certificate Manager and
click on Import
Step-22: Select the cacert.der file from the Downloads
folder and click on the Open button
Step-23: Select the two check boxes "Trust this..."
and click on the OK button
Step-24: Click on the OK button
DATA TAMPERING
• The Web Parameter Tampering attack is based on the manipulation of
parameters exchanged between client and server in order to modify
application data, such as user credentials and permissions, price and
quantity of products, etc.
• This attack can be performed by a malicious user who wants to exploit
the application for their own benefit, or by an attacker who wishes to
attack a third person using a Man-in-the-Middle attack. In both cases,
tools like WebScarab and Burp Proxy are mostly used.
DATA TAMPERING
EXAMPLE
• When a web application uses hidden fields to store status information,
a malicious user can tamper with the values stored in his browser and
change the referred information. For example, an e-commerce
shopping site uses hidden fields to refer to its items, as follows:

• <input type="hidden" id="1008" name="cost" value="1">

• An attacker can modify the "value" information of a specific
item, thus lowering its cost.
How to prevent Data Tampering (PoC)

• Validate input for improper characters.
• Stringently define the data type (for instance, a string, an
alphanumeric character, etc.) that the application will accept.
• Ensure that data is not only validated, but also business-rule
correct. For example, interest rates fall within permitted
boundaries.
• Encrypted hidden fields must be robust against replay attacks,
which means some form of temporal keying.
• Hidden fields need to have integrity checks and should preferably
be encrypted using non-constant initialization vectors.
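As an added example (not code from the slides), the Python below applies the checks listed above to the hidden cost field from the e-commerce example: an HMAC integrity tag so a browser-side edit is detected, an issue timestamp that expires the field (temporal keying against replay), and a server-side business-rule check that the sealed price still matches the catalogue. The secret key and the catalogue are constructed placeholders, and a MAC is used instead of encryption because integrity, not secrecy, is what the price check needs.

```python
import base64
import hashlib
import hmac
import json
import time
from decimal import Decimal

# Constructed values for this example: load the key from a secrets store in a real app.
SECRET_KEY = b"example-only-secret-key"
MAX_AGE_SECONDS = 300                     # temporal keying: a sealed field expires after 5 minutes
CATALOGUE = {"1008": Decimal("49.99")}    # the authoritative price lives on the server, not in the form

def seal_hidden_field(item_id: str, cost: str, issued_at: int = None) -> str:
    """Hidden-field value the server emits: base64(payload).base64(HMAC-SHA256 tag)."""
    issued_at = int(time.time()) if issued_at is None else issued_at
    payload = json.dumps({"id": item_id, "cost": cost, "ts": issued_at}, sort_keys=True).encode()
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(payload).decode() + "." + base64.urlsafe_b64encode(tag).decode()

def open_hidden_field(token: str, now: int = None) -> dict:
    """Verified payload, or None when the token is malformed, the tag is wrong or it has expired."""
    now = int(time.time()) if now is None else now
    try:
        payload_b64, tag_b64 = token.split(".", 1)
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:                    # no separator or bad base64 (binascii.Error is a ValueError)
        return None
    expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison of the tags
        return None
    data = json.loads(payload)                   # only parsed after the tag has been verified
    return None if now - data["ts"] > MAX_AGE_SECONDS else data

def checkout_price(field_value: str, now: int = None) -> Decimal:
    """Price the server will charge, or None if the submitted hidden field is rejected."""
    data = open_hidden_field(field_value, now)
    if data is None:
        return None
    # Business-rule check on top of the integrity check: the sealed cost must still match the catalogue.
    return Decimal(data["cost"]) if Decimal(data["cost"]) == CATALOGUE.get(data["id"]) else None

def simulate_tampered_field(token: str, new_cost: str) -> str:
    """The browser-side edit from the slide: cost changed, but the tag cannot be recomputed without the key."""
    payload_b64, tag_b64 = token.split(".", 1)
    data = json.loads(base64.urlsafe_b64decode(payload_b64))
    data["cost"] = new_cost
    return base64.urlsafe_b64encode(json.dumps(data, sort_keys=True).encode()).decode() + "." + tag_b64
```

Rendering the form then becomes `<input type="hidden" name="cost" value="...sealed token...">`, and the checkout handler calls checkout_price on the submitted value instead of trusting it.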
