🖥️
Siber Güvenlik Notları
  • WHOAMI
    • 👨‍💻Who Am I?
  • 🔭Information Gathering
    • Pentest VM Setup
    • Passive Information Gathering
    • Subdomain Enumeration
    • Host Discovery
    • Port Scanning
    • Email Enumeration
    • Leaked Passwords
    • Zafiyet Araştırma
  • 🪟Windows Pentesting
    • Windows Privilege Escalation
    • Windows Persistence
    • Windows Lateral Movement
    • AV Evasion
  • 🐧Linux Pentesting
    • Linux Privilege Escalation
    • Linux Persistence
    • Linux Lateral Movement
  • 🕸️Web Application Pentesting
    • Web Pentest Checklist
    • SQL Injection
    • NoSQL Injection
    • OS Command Injection
    • XXE Injection
    • SSTI
    • XSS
    • CSRF
    • SSRF
    • LFI/RFI
    • Insecure Deserialization
    • CORS Misconfiguration
    • Directory Traversal
    • File Upload
    • Broken Authentication
    • Broken Access Control
    • Business Logic
    • Race Conditions
    • Web Cache Deception
    • AWS Testing
    • Web Cache Poisoning
    • Clickjacking
    • API Testing
    • Broken Link Hijacking
    • HTTP Request Smuggling
    • LLM
    • HTTP Host Header Attack
    • OAuth Zafiyetleri
    • GraphQL API
    • HTTP Parameter Pollution
    • Configuration and Deployment Management Testing
    • Information Disclosure
    • Prototype pollution
    • JWT
  • 🖲️Network Service Pentesting
    • 📘Active Directory Services
      • Bleeding Edge Vulns
      • Misconfigs
      • Domain Trust
      • DNS (53)
      • Kerberos (88)
      • LDAP (389,636)
      • RPC WMI (135)
      • SMB (445)
      • WinRM - 5985
    • 📂FTP - 21
    • 🔐SSH - 22
    • 🤣Telnet - 23
    • SMTP - 25
    • TFTP - 69 UDP
    • HTTP - 80,443
      • Apache
      • Joomla
      • Drupal
      • Wordpress
      • WEBDAV
      • PHP
      • Laravel
    • IMAP/POP3 - 110,143,993,995
    • SNMP - 161
    • Rservices - 512
    • IPMI - 623
    • Rsync - 873
    • MSSQL - 1433
    • Oracle TNS - 1521
    • NFS - 2049
    • Docker
    • Grafana - 3000
    • MySQL - 3306
    • RDP - 3389
    • Postgresql - 5432
    • Redis - 6379
    • JDWP - 8000
    • MongoDB - 27017
  • 🕸️Network Pentesting
    • ARP Poisoning
  • 📞Android Pentesting
    • Android Derleme Süreci
    • Reversing
    • Rooting
    • Burp Suite Sertifikası
    • SSL Pinning Bypass
    • Patching
    • MobSF Kurulumu
    • Flutter Pentesting
  • 📰Teori
    • Güvenlik Ürünleri
    • OSI
    • Security Principles
  • Diger
    • Hacking Gadgets
      • Wifi Pineapple
      • Pwnagotchi
    • Stego
    • Buffer Overflow
    • Phishing
    • Nessus
    • DDOS Attacks
    • MSFConsole
  • ⏪Reverse
    • GCC Reverse
    • Python Reverse
    • Flare VM
    • Remnux
  • 🛜Wireless Pentesting
    • Wireless Pentest
    • Wireless V2
Powered by GitBook
On this page
  • WHOIS
  • Google Dorks
  • Netcraft Report
  • Code Leak
  • Shodan
  • Security Headers
  • Bucket + Shorteners

Was this helpful?

  1. Information Gathering

Passive Information Gathering

PreviousPentest VM SetupNextSubdomain Enumeration

Last updated 13 days ago

Was this helpful?

WHOIS

whois example.com -h 192.168.1.3

Google Dorks

Dork Search:

GHDB: 

site:example.com
site:example.com filetype:txt
site:example.com -filetype:html

site:example.com intitle:"index of" "parent directory"

Netcraft Report

URL:

Code Leak

Github:

Github Gist:

Gitlab: 

git-leaks -v -r https https://github.com/example

Shodan

hostname:example.com

Security Headers

shcheck.py http://example.com

Bucket + Shorteners

URL:

URL:

🔭
https://dorksearch.com/
https://www.exploit-db.com/google-hacking-database
https://searchdns.netcraft.com/
https://github.com/
https://gist.github.com/
https://about.gitlab.com/
https://www.shodan.io/
https://securityheaders.com/
https://grayhatwarfare.com/