Better late than never I suppose.
Technique:
Not so much a technique this week but a quick little wordlist to get more value from the tool listed below.
This is a wordlist for /aspnet_client/system_web/
Tool:
IIS-Shortname-Scanner
A personal favorite of mine because I think there is still more value in this vulnerability that hasn’t been found yet. Honestly though, I’ve only found real value in this tool maybe twice in external penetration tests.
Lecture:
AppSec Cali 2018 – The Bug Hunter’s Methodology 2.0
All around great lecture for both newbies and seasoned vets. Highly recommend!
Second installment of OSINT Escapades coming soon, stay tuned! Promise you’ll be surprised with what I’ve found!
Check out all the entries of this series!
- Technique Tool and Lecture #14
- Technique Tool and Lecture #13
- Technique, Tool and Lecture #12
- Technique, Tool and Lecture #11
- Technique Tool and Lecture #10
- Technique, Tool and Lecture #9
- Technique, Tool and Lecture #8
- Technique, Tool and Lecture #7
- Technique, Tool and Lecture #6
- Technique, Tool and Lecture #5
- Technique, Tool and Lecture #4
- Technique, Tool and Lecture #3
- Technique, Tool and Lecture #2
- Technique, Tool and Lecture #1
END TRANSMISSION