Technique, Tool and Lecture #2

Better late than never I suppose.

Technique:

Not so much a technique this week but a quick little wordlist to get more value from the tool listed below.

This is a wordlist for /aspnet_client/system_web/

Link

Tool: 

IIS-Shortname-Scanner

A personal favorite of mine because I think there is still more value in this vulnerability that hasn’t been found yet. Honestly though, I’ve only found real value in this tool maybe twice in external penetration tests.

Link

Lecture: 

AppSec Cali 2018 – The Bug Hunter’s Methodology 2.0

All around great lecture for both newbies and seasoned vets. Highly recommend!

Link

Second installment of OSINT Escapades coming soon, stay tuned! Promise you’ll be surprised with what I’ve found!

Check out all the entries of this series!

END TRANSMISSION

Leave a Reply