第一章-外围信息搜集

1.网站工具类:
https://qqqun.org/  
https://nionpay.com  好友分析
http://www.maxmind.com/ IP地理位置查询
https://www.google.com/maps 谷歌IP地理查询
http://www.cz88.net/  纯真IP查询
http://www.cz88.net/tools/id.php ID查询
http://searchdns.netcraft.com/  网站服务器详情信息查询
http://www.ip-adress.com/reverse_ip/  旁注
http://www.7c.com 站长工具查询
googlehack:
site:qq.com filetype:xls
site:qq.com  inurl:login
DNS查询
nslookup
set type=a
qq.com
dig查询DNS权威查询
dag   qq.com
 

2.MSF模块

use auxiliary/gather/search_email_collector 
 //搜索域名的邮件地址
msf auxiliary(dir_scanner) > use auxiliary/gather/search_email_collector
msf auxiliary(search_email_collector) > set domain i314.net
domain => i314.net
msf auxiliary(search_email_collector) > run
 
auxiliary/scanner/http/dir_scanner 
//搜索网站目录
msf exploit(usermap_script) > use auxiliary/scanner/http/dir_scanner

msf auxiliary(dir_scanner) > set THREADS 50

THREADS => 50

msf auxiliary(dir_scanner) > set RHOSTS www.maka.im

RHOSTS => www.maka.im

msf auxiliary(dir_scanner) > exploit  

发表评论

登录 后发表评论.