Skip to content

Recon

Open Source Intelligence

Sensitive Information:
- Personally Identifiable Information (PII): Legal name, Addresses, Phonenumbers, Email addresses, Data of Birth, IDs
- Financial Information: Bank account numbers, Credit/debit card numbers, Payment information, Financial statements, Tax Information
- Account Credentials: Usernames, Passwords

Gitlabs bad Auth Configuration

Look for GitLab instances on targets or belonging to the target. When you stumble across the GitLab login panel, navigate to /explore. Misconfigured instances do not require authentication to view the internal projects. Once you get in, use the search function to find passwords, keys, etc. This is a pretty big attack vector and I am finally revealing it today, because I am sure it will help a lot of you get some critical issues.

relative-url-extractor

relative-url-extractor

ruby extract.rb demo-file.js
ruby extract.rb https://hackerone.com/some-file.js
ruby extract.rb '|cat demo-file.js' -c

Recon-ng

Recon-ng

API Keys from github
https://github.com/secureli/public-tools/tree/65c328869e45d08c87dff7ec4b91f826266c9523

keys add bing_api d186b37f4ace45edaaf8209012799889
keys add builtwith_api 9a74cc2b-9c1c-4cf2-b32e-a349158ef7d9
keys add google_api AIzaSyBR2fflgt0O0fYpKnjNqFubTtCiqmdPrJs
keys add google_cset AIzaSyBR2fflgt0O0fYpKnjNqFubTtCiqmdPrJs
keys add linkedin_api 78mjjd88ztvcfl
keys add linkedin_secret ounO7pER7Q0ZXXCj
keys add shodan_api ULAqZuKzub6waFpbmlpvrLdek5QDsXYB

https://github.com/fryjustinc/enumallfryjc/blob/b6bce3b3ebef82342264934025f2d4f4d590997e/enumall.py
keys add shodan_api 39Vjh03Crbi0EoPzwSffZAxcNLFqwed1
keys add google_api AIzaSyDUDMi_kuJsoG53Fbxst7Ccpd592TbCwK4
keys add google_cse 016872495654316171864:wtvyugugj0g


keys add shodan_api Wemdicnr843sdfdsvcrtbrthgrfhd

Built with

Find what web framework is used by domain:**
Domain Built With