I will start.
- subfinder to gather subdomains
- httpx to filter live ones only
- ParamSpider to find params
- testing manually on the output of ParamSpider
other than that i pick around in the target site's functionality and check for unintended behavior.
[link] [comments]
from hacking: security in practice https://ift.tt/lgxTsYL
Comments
Post a Comment