* [🌏 Journeying Through the World of Ethical Hacking with Cipher-ops](journeying-through-the-world-of-ethical-hacking-with-cipher-ops.md)
6
6
* [Let's Start](lets-start/README.md)
7
7
* [🥳 Exploring Top Platforms and Websites for Hacking Practice and Learning](lets-start/exploring-top-platforms-and-websites-for-hacking-practice-and-learning.md)
* [Exploitation Tools Categorized by Vulnerability Type](web-application/exploitation-tools-categorized-by-vulnerability-type.md)
41
-
* [Insecure Direct Object References, Open Redirect, Request Smuggling](web-application/insecure-direct-object-references-open-redirect-request-smuggling.md)
* [Exploitation Tools Categorized by Vulnerability Type](exploitation/exploitation-tools-categorized-by-vulnerability-type.md)
39
+
* [Insecure Direct Object References, Open Redirect, Request Smuggling](exploitation/insecure-direct-object-references-open-redirect-request-smuggling.md)
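Review bot: The two `exploitation/...` link targets on the added lines only resolve if the markdown files themselves are moved out of `web-application/` in this same commit, and nothing visible here shows that. Confirm the rename is part of the change, and search the repository for any remaining links to the old `web-application/` paths for these two pages so neither the table of contents nor cross-references point at missing files.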
<figure><img src="../../../.gitbook/assets/image (8).png" alt="Active Subdomain Enumeration Using FFUF"><figcaption><p>Active Subdomain Enumeration Using FFUF</p></figcaption></figure>
22
+
<figure><img src="../.gitbook/assets/image (8).png" alt="Active Subdomain Enumeration Using FFUF"><figcaption><p>Active Subdomain Enumeration Using FFUF</p></figcaption></figure>
23
23
24
24
<mark style="color:green;">Technique 2:</mark> Favicon Hashes Favicons, the icons representing your website, possess unique hash values that can aid in discovering domains sharing the same hash function. Use the FavFreak tool to calculate favicon hashes. Execute the following command:
25
25
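Review bot: The added `src="../.gitbook/assets/image (8).png"` on line 22 is two directory levels shallower than the removed one, which is correct only if this page itself moved up two levels; check that the figure renders from the page's new location. The asset name also keeps an unencoded space and parentheses, so consider renaming the file to something descriptive while the path is being edited anyway.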
skipped 1 lines
27
27
Command: cat urls.txt | python3 favfreak.py
28
28
```
29
29
30
-
<figure><img src="../../../.gitbook/assets/image (3).png" alt="Favicon hash detecting using FavFreak"><figcaption><p>Favicon hash detecting using FavFreak</p></figcaption></figure>
30
+
<figure><img src="../.gitbook/assets/image (3).png" alt="Favicon hash detecting using FavFreak"><figcaption><p>Favicon hash detecting using FavFreak</p></figcaption></figure>
31
31
32
32
Once the hash is calculated, you can use the same on internet search engines such as **shodan** to get the mass websites.
33
33
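Review bot: In the context just above the changed figure, `Command: cat urls.txt | python3 favfreak.py` sits inside the code fence (the closing fence is on line 28), so anyone copying the block also copies the `Command:` label and gets a shell error. Since the figure beside it is being touched, move the label out of the fence and leave only the pipeline inside it.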
skipped 7 lines
41
41
command: cat subdomains.txt | dnsx -a -resp-only | nrich -
42
42
```
43
43
44
-
<figure><img src="../../../.gitbook/assets/image.png" alt="Using shodan Search Engine to detect site that have same favicon hashed"><figcaption><p>use a nrich tool to check out the subdomains </p></figcaption></figure>
44
+
<figure><img src="../.gitbook/assets/image.png" alt="Using shodan Search Engine to detect site that have same favicon hashed"><figcaption><p>use a nrich tool to check out the subdomains </p></figcaption></figure>
45
45
46
46
<mark style="color:green;">Technique 4:</mark> Choosing the Right Target When dealing with applications that have numerous subdomains, selecting the right subdomain to start hunting can be challenging. Utilize the interesting subs gf pattern list to identify interesting subdomains worth investigating. Execute the following command:
47
47
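Review bot: The added line 44 carries over an alt text that does not match its caption: `alt="Using shodan Search Engine to detect site that have same favicon hashed"` against a caption about using nrich on the subdomains. It looks like the alt was copied from the favicon section; align it with the caption (the nrich output) so screen readers and broken-image fallbacks describe the right screenshot.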
skipped 19 lines
67
67
Command: cat dorks.txt | uncover
68
68
```
69
69
70
-
<figure><img src="../../../.gitbook/assets/image (1).png" alt=""><figcaption><p>uncover tool link <a href="https://github.com/projectdiscovery/uncover">https://github.com/projectdiscovery/uncover</a></p></figcaption></figure>
70
+
<figure><img src="../.gitbook/assets/image (1).png" alt=""><figcaption><p>uncover tool link <a href="https://github.com/projectdiscovery/uncover">https://github.com/projectdiscovery/uncover</a></p></figcaption></figure>
71
71
72
72
73
73
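Review bot: The added figure on line 70 still has `alt=""`, and its caption holds only the uncover repository link, so nothing on the page says what the screenshot shows. Add an alt text describing the image (for example, that it is uncover output for the dorks list) and keep the link in the caption.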
skipped 11 lines
85
85
Command: naabu -host target.com
86
86
```
87
87
88
-
<figure><img src="../../../.gitbook/assets/image (9).png" alt=""><figcaption><p>Finding open ports and service running using naabu</p></figcaption></figure>
88
+
<figure><img src="../.gitbook/assets/image (9).png" alt=""><figcaption><p>Finding open ports and service running using naabu</p></figcaption></figure>
89
89
90
90
:clap:Thank you for taking the time to explore these amazing reconnaissance techniques. :smile:We hope you found this blog informative and useful in your endeavors.
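Review bot: The added figure on line 88 has `alt=""` although its caption already describes the image, unlike the FFUF and FavFreak figures earlier in this file, which repeat the caption as alt text. For consistency, set the alt to the caption text, "Finding open ports and service running using naabu".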