10.3. Information Gathering
10.3.1. Whois
10.3.2. Website ICP Filing
10.3.3. CDN Lookup
10.3.4. Subdomain Brute-forcing
altdns Generates permutations, alterations and mutations of subdomains and then resolves them
10.3.5. Domain Name Collection
10.3.6. Weak Password Brute-forcing
10.3.7. Git Information Leakage
shhgit Find GitHub secrets in real time
GitHound GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and a unique result scoring system. A batch-catching, pattern-matching, patch-attacking secret snatcher
x patrol Github leaked patrol
GitDorker scrape secrets from GitHub through usage of a large repository of dorks
10.3.8. GitHub Monitoring
Github Monitor Github Sensitive Information Leakage Monitor
gitGraber monitor GitHub to search and find sensitive data in real time for different online services
10.3.9. Path and File Scanning
10.3.10. Path Crawlers
crawlergo A powerful dynamic crawler for web vulnerability scanners
10.3.11. Fingerprinting
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way
JARM active Transport Layer Security (TLS) server fingerprinting tool
fingerprintjs Browser fingerprinting library with the highest accuracy and stability
10.3.12. WAF Fingerprinting
10.3.13. Port Scanning
10.3.14. DNS Data Lookup
10.3.15. DNS Correlation
10.3.16. Cloud Services
10.3.17. Data Lookup
10.3.18. Password
Probable Wordlists Wordlists sorted by probability originally created for password generation and testing
DefaultCreds cheat sheet One place for all the default credentials to assist the pentesters during an engagement
10.3.19. CI Information Leakage
secretz minimizing the large attack surface of Travis CI
10.3.20. Personal Data Profiling
GHunt Investigate Google Accounts with emails