Certificate Transparency Logs
crt.sh
curl -s "https://crt.sh/?q=facebook.com&output=json" | jq -r '.[] | select(.name_value | contains("dev")) | .name_value' | sort -u
The command above outputs every certificate name logged for facebook.com that contains "dev", with duplicates removed.
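Added example, not part of the original notes: crt.sh's name_value field can hold several names separated by newlines, so the jq filter above also prints sibling names that do not contain the keyword. This Python version filters each name on its own against a constructed sample response; the function name names_matching and the example.com data are assumptions.

```python
import json

# Constructed sample shaped like crt.sh's output=json response (not real data).
SAMPLE = json.dumps([
    {"id": 1, "name_value": "dev.example.com\nwww.example.com"},
    {"id": 2, "name_value": "*.dev.example.com"},
    {"id": 3, "name_value": "DEV-api.example.com"},
    {"id": 4, "name_value": "dev.example.com"},
    {"id": 5, "name_value": "shop.example.com\ndev.example.com.cdn.example.net"},
])


def names_matching(raw_json, domain, keyword):
    """Return sorted unique certificate names under `domain` containing `keyword`."""
    domain = domain.lower().rstrip(".")
    keyword = keyword.lower()
    found = set()
    for entry in json.loads(raw_json):
        # name_value may hold several SAN entries separated by newlines,
        # so filter each name on its own rather than the whole field.
        for name in entry.get("name_value", "").splitlines():
            name = name.strip().lower().rstrip(".")
            if name.startswith("*."):
                name = name[2:]  # treat a wildcard as its base name
            # Drop names that only mention the domain but belong elsewhere.
            in_scope = name == domain or name.endswith("." + domain)
            if name and in_scope and keyword in name:
                found.add(name)
    return sorted(found)


if __name__ == "__main__":
    for n in names_matching(SAMPLE, "example.com", "dev"):
        print(n)
```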
Fingerprinting
This is to see the technologies a site uses with stuff like Wappalyzer. I know this stuff, I think, enough to not take notes.
Wafw00f
wafw00f inlanefreight.com
Gobuster
gobuster vhost -u http://inlanefreight.htb:81 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain
Grab vhosts on a target
Nikto
nikto -h inlanefreight.com -Tuning b
Finished the learning of the day doing CBBH - Recon - Skill Assessment