garthhumphreys / webReconMeth

My Web Recon Methodology


Website Recon Checklist

Here is my methodology for doing web security testing. This is primarily a guide to help me remember the steps in doing security testing or bug bounty work.

  • Identify IPs and main TLDs
    • crt.sh
    • dnsdumpster
    • amass
  • Domain scraping for discovered TLDs
    • google dorks
  • Domain bruteforcing; resolve & add new IP ranges
    • amass
    • massdns
  • Identify live domains
    • httprobe
  • Portscan to determine services running
    • nmap
    • masscan
  • Screenshot domains
    • ???
  • Identify Platform/CMS types
    • whatcms.org
    • ???
  • Folder/Files Discovery
    • dirsearch
    • ???
    • waybackurls (wayback)
    • JSParser (or some js finder)
  • Parameters/Queries Discovery
    • dirsearch
    • ???

About me, Garth Humphreys
