Search

Web Application Enumeration (Revisited)

Assetfinder:

assetfinder immutable.com > immutable-subs.txt

And grep actual subs

Automate:

./run.sh domain.com

🙂

Amass:

amass enum -d immutable.com

part of run.sh now 🙂

httprobe:

cat immutable.com/recon/final.txt | httprobe

Cleaned:

cat immutable.com/recon/final.txt | httprobe -s -p https:443 | sed 's/https\?:\/\///' | tr -d ':443'

Added to run.sh 🙂

How to use the alive.txt?

filter for dev:

cat alive.txt | grep dev

test:

cat alive.txt | grep test

stag:

cat alive.txt | grep stag

admin:

cat alive.txt | grep admin

GoWitness:

gowitness file filename.txt --destination /home/directoryIwant
gowitness single tesla.com --output teslapic.png