Crawling#

Katana#

ProjectDiscovery tool. See ProjectDiscovery Tools

Crawl and parse js files for more endpoints

katana -u domain.name -jsl | tee -a assets.txt
cat domains.txt | katana -jsl -kf all -td -d 10 | tee -a assets.txt

ReconSpider#

See Reconspider This tool crawl and parse html comments, links, emails, etc

python3 ./reconspider.py http://domain.name

Directory/File Bruteforce#

gobuster dir -u http://$target/ -w /usr/share/seclists/Discovery/Web-Content/common.txt
ffuf -w /usr/share/seclists/Discovery/Web-Content/common.txt:FUZZ -u http://$target/FUZZ
Backward Subdomain Enumeration Probing Forward