@JamesMarino
Last active July 31, 2020 13:11
Various useful commands

Useful Information Gathering

  1. List all DNS Records
dig any example.com @`dig +short SOA example.com | cut -d' ' -f1`
  2. Get Nameservers
nslookup -type=ns example.com
  3. Directory Listing of Bucket - Access to Everyone
aws s3 ls s3://example.com/ --no-sign-request --region ap-southeast-2
  4. Directory Listing of Bucket - Access to Authenticated AWS Users
aws s3 ls s3://example.com/ --region ap-southeast-2
  5. Copy all files from S3 Bucket
aws s3 sync s3://example.com/ . --no-sign-request --region ap-southeast-2
  6. Scanning Ports
nmap example.com
  7. Cloning a site
wget --mirror --convert-links --adjust-extension --page-requisites --no-parent "https://example.com"
  8. Generating RSA Key Pairs
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048
openssl rsa -pubout -in private_key.pem -out public_key.pem
  9. ARP Poisoning
mitmf --arp --spoof --gateway <IP of Gateway> --target <IP of Target> -i eth0
  10. DNS Spoofing
mitmf --arp --spoof --gateway <IP of Gateway> --target <IP of Target> -i eth0 --dns
  11. Apache Server Directory Scrape
# Recursively
wget -r -np -nH --cut-dirs=3 -R index.html http://example.com/my/directory/

# Just in that directory
wget -m -np http://example.com/my/directory/
