当前位置:网站首页>Penetration test information collection - basic enterprise information
Penetration test information collection - basic enterprise information
2022-07-06 18:35:00 【Aspirin. two thousand and two】
List of articles
Basic information of the enterprise
1. Basic information of the enterprise .
2. Employee information ( Phone number 、 mailbox 、 Name, etc ), Organizational framework 、 Enterprise legal person 、 Enterprise comprehensive information, etc .
3. Among them, employee information collection is an important work in information collection , Employee information includes : Employee name 、 Employee job number 、 Employee family and communication information 、 Internet habits, etc .( social engineering )
4. Employee identity information : Employee resume , Employee ID card , cell-phone number , Birthday , hometown , Address and other personal information .
5、 Employee social account information :QQ Number ,QQ Group , Microblogging , WeChat , Alipay , Employee email account number, etc .
Things used :
https://www.tianyancha.com Check the inner eye
https://www.qichacha.com/ Companies check
https://aiqicha.baidu.com/ I love checking
View the enterprise framework , Personal information of enterprise executives 、 Other industries , One recruit among all employees of the enterprise is likely to win all
https://www.reg007.com/ Which websites have you registered
https://www.email-format.com/i/search/ Check the email related to this domain name online
Maltego(kali Tools ) information gathering —— visualization
Various recruitment networks
https://www.aies.cn/pinyin.htm Online Chinese character to Pinyin —— Make a dictionary
https://github.com/shack2/SNETCracker/releases Super weak password tool
https://anonymousemail.me/ Anonymous email
JS information gathering
adopt JS collect ,url, Directory and parameters
Js As an important part of our information collection, many people will ignore ,Js It may contain a lot of sensitive information , Make up a dictionary fuzz The effect is very good .
Many people will ignore the festival ,Js It may contain a lot of sensitive information , Make up a dictionary fuzz The effect is very good .
The script used :https://github.com/Threezh1/JSFinder
边栏推荐
- HMS core machine learning service creates a new "sound" state of simultaneous interpreting translation, and AI makes international exchanges smoother
- MySQL查询请求的执行过程——底层原理
- Markdown syntax for document editing (typera)
- SQL优化问题的简述
- With the implementation of MapReduce job de emphasis, a variety of output folders
- 转载:基于深度学习的工业品组件缺陷检测技术
- Brief description of SQL optimization problems
- Docker安装Redis
- CRMEB 商城系统如何助力营销?
- Compilation Principle -- C language implementation of prediction table
猜你喜欢
Tree-LSTM的一些理解以及DGL代码实现
Blue Bridge Cup real question: one question with clear code, master three codes
Penetration test information collection - CDN bypass
Prophet模型的简介以及案例分析
Implementation of queue
None of the strongest kings in the monitoring industry!
Self-supervised Heterogeneous Graph Neural Network with Co-contrastive Learning 论文阅读
Why does wechat use SQLite to save chat records?
Grafana 9.0 is officially released! It's the strongest!
CSRF漏洞分析
随机推荐
This article discusses the memory layout of objects in the JVM, as well as the principle and application of memory alignment and compression pointer
Alibaba cloud international ECS cannot log in to the pagoda panel console
十、进程管理
[Sun Yat sen University] information sharing of postgraduate entrance examination and re examination
44所高校入选!分布式智能计算项目名单公示
Introduction and case analysis of Prophet model
2019 Alibaba cluster dataset Usage Summary
当保存参数使用结构体时必备的开发技巧方式
Transfer data to event object in wechat applet
监控界的最强王者,没有之一!
Some understandings of tree LSTM and DGL code implementation
Markdown syntax for document editing (typera)
Redis的五种数据结构
Interview shock 62: what are the precautions for group by?
Excel usage record
MySQL查询请求的执行过程——底层原理
STM32+MFRC522完成IC卡号读取、密码修改、数据读写
287. Find duplicates
Cocos2d Lua 越来越小样本 内存游戏
[swoole series 2.1] run the swoole first