Low Hanging Bugs
https://i.ytimg.com/vi/6gaplYfYpKI/maxresdefault.jpg1. Favicon Hash:
Tool to find the real IP behind CDNs/WAFs like Cloudflare using passive recon by retrieving the favicon hash. For the same hash value, all the possible IPs, PORTs and SSL/TLS Certs are searched to validate the target in-scope.
2. Complete Shodan Recon:
𝚔𝚊𝚛𝚖𝚊 𝚟𝟸 can be used by Infosec Researchers, Penetration Testers, Bug Hunters to find deep information, more assets, WAF/CDN bypassed IPs, Internal/External Infra, Publicly exposed leaks and many more about their target.
4. Repository of historical DNS data
Data for security companies, researchers who need to drill down, find suspicious changes to DNS records, and prevent future fraudulent or criminal activity.
5. Sometimes SPF/DMARC/DKIM records
All of your MX record, DNS, blacklist and SMTP diagnostics in one integrated tool. Input a domain name or IP Address or Host Name.
And many more …
Let the Game Begin . . .Vulnerability details
During the initial assessment of assets, I found a
Read the article