Footprinting
select * from projectdiscovery join steampipe
Recently, I decided to take a look at Steampipe again. I like SQL and the structure it provides, and after playing around a bit I figured: “Wouldn’t it be cool to write a plugin for the immensely popular projectdiscovery tools?”. That is exactly what I did and you can find the source code for it here: https://github.com/sensepost/steampipe-plugin-projectdiscovery. For the purposes of footprinting, everything you can do with steampipe you can…
Client Side Fingerprinting in Prep for SE
On a recent engagement, we were tasked with trying to gain access to the network via a phishing attack (specifically phishing only). In preparation for the attack, I wanted to see what software they were running, to see if Vlad and I could target them in a more intelligent fashion. As this technique worked well, I thought this was a neat trick worth sharing. First off the approach was to…
Foot printing – Finding your target…
We were asked to contribute an article to PenTest magazine, and chose to write up an introductory how-to on footprinting. We’ve republished it here for those interested. Network foot printing is, perhaps, the first active step in the reconnaissance phase of an external network security engagement. This phase is often highly automated with little human interaction as the techniques appear, at first glance, to be easily applied in a general…
Page 1 of 1