Recon For Penetration Testers

This course will introduce you to the Reconnaissance of web applications and will help Students, Bug Bounty Hunters, and Pentesters to dive into the Reconnaissance and help them find more Security Flaws by performing in-depth Recon on web applications.

This is a short-term beginner-friendly practical course that covers different types of techniques and strategies to perform scope-based recon and also shows how much importance Recon carries while Pen-testing or while doing Bug Hunting.

Takeaways: You will be able to perform Recon effectively and also you will learn how the scripts are modified which can help in automating/modifying the scripts on your own which makes it easier and save you time while doing enumeration on multiple targets.

Modules Introduced in this Course:

• Overview of Recon

• Selecting the Right Target

• Performing Recon and Increasing the Attack Surface

• Scope Based Recon

• Why Scope-based Recon?

• What to Look for in Small, Medium, and Large Scope Recon?

• Subdomain Enumeration Using Subfinder, Assetfinder

• Introduction to automation and one-liners to make things easy

• Resolving Subdomains using HTTPX

• Introduction to Nuclei and understanding the templates

• Nuclei live demonstration

• Introduction to Github Recon and clearing misconceptions about false findings

• Hunting Sensitive data on GitHub using Githound

• Introduction to Github Dorking

• Introduction to directory enumeration using dirsearch

• Understanding recursive directory enumeration with a live demonstration

• Managing HTTP status codes while enumeration

• Automating directory enumeration

• Automation for Fun and Profit