### <mark style="color:green;">Who We Are</mark>: Introducing [CipherOps](https://cipherops.tech/)
9
+
### <mark style="color:green;">Who We Are</mark>: Introducing [CipherOps](https://tinyurl.com/cipherops)
10
10
11
11
At CipherOps, we are a team of dedicated professionals passionate about cybersecurity and protecting your digital assets. With a strong focus on providing comprehensive and reliable security solutions, we strive to stay ahead of the ever-evolving threats in the digital landscape.
<figure><img src="../../../.gitbook/assets/image (1).png" alt="Active Subdomain Enumeration Using FFUF"><figcaption><p>Active Subdomain Enumeration Using FFUF</p></figcaption></figure>
22
+
<figure><img src="../../../.gitbook/assets/image (5).png" alt="Active Subdomain Enumeration Using FFUF"><figcaption><p>Active Subdomain Enumeration Using FFUF</p></figcaption></figure>
23
23
24
24
<mark style="color:green;">Technique 2:</mark> Favicon Hashes Favicons, the icons representing your website, possess unique hash values that can aid in discovering domains sharing the same hash function. Use the FavFreak tool to calculate favicon hashes. Execute the following command:
25
25
skipped 1 lines
27
27
Command: cat urls.txt | python3 favfreak.py
28
28
```
29
29
30
-
<figure><img src="../../../.gitbook/assets/image (5).png" alt="Favicon hash detecting using FavFreak"><figcaption><p>Favicon hash detecting using FavFreak</p></figcaption></figure>
30
+
<figure><img src="../../../.gitbook/assets/image (2).png" alt="Favicon hash detecting using FavFreak"><figcaption><p>Favicon hash detecting using FavFreak</p></figcaption></figure>
31
31
32
32
Once the hash is calculated, you can use the same on internet search engines such as **shodan** to get the mass websites.
33
33
skipped 7 lines
41
41
command: cat subdomains.txt | dnsx -a -resp-only | nrich -
42
42
```
43
43
44
-
<figure><img src="../../../.gitbook/assets/image.png" alt="Using shodan Search Engine to detect site that have same favicon hashed"><figcaption><p>use a nrich tool to check out the subdomains </p></figcaption></figure>
44
+
<figure><img src="../../../.gitbook/assets/image(1).png" alt="Using shodan Search Engine to detect site that have same favicon hashed"><figcaption><p>use a nrich tool to check out the subdomains </p></figcaption></figure>
45
45
46
46
<mark style="color:green;">Technique 4:</mark> Choosing the Right Target When dealing with applications that have numerous subdomains, selecting the right subdomain to start hunting can be challenging. Utilize the interesting subs gf pattern list to identify interesting subdomains worth investigating. Execute the following command:
47
47
skipped 19 lines
67
67
Command: cat dorks.txt | uncover
68
68
```
69
69
70
-
<figure><img src="../../../.gitbook/assets/image(9).png" alt=""><figcaption><p>uncover tool link <a href="https://github.com/projectdiscovery/uncover">https://github.com/projectdiscovery/uncover</a></p></figcaption></figure>
70
+
<figure><img src="../../../.gitbook/assets/image.png" alt=""><figcaption><p>uncover tool link <a href="https://github.com/projectdiscovery/uncover">https://github.com/projectdiscovery/uncover</a></p></figcaption></figure>
71
71
72
72
73
73
skipped 11 lines
85
85
Command: naabu -host target.com
86
86
```
87
87
88
-
<figure><img src="../../../.gitbook/assets/image (7).png" alt=""><figcaption><p>Finding open ports and service running using naabu</p></figcaption></figure>
88
+
<figure><img src="../../../.gitbook/assets/image (6).png" alt=""><figcaption><p>Finding open ports and service running using naabu</p></figcaption></figure>
89
89
90
90
:clap:Thank you for taking the time to explore these amazing reconnaissance techniques. :smile:We hope you found this blog informative and useful in your endeavors.
Adwaith
committed
with
gitbook-bot
1 year ago
1 parent 1f392240
