Internet Management （ information gathering ）

One 、 subdomain

1.FOFA

2.cert certificate

3. Subdomain tool

a.oneforall

b. Subdomain explosion

Subdomain excavator

FOFA plug-in unit （subdomainsbrute）

Online website （https://phpinfo.me/domain/）

c.Subfinder

d.Sublist3r

e. Micro step online

f.360 Threat intelligence center

Two 、C paragraph

fofa

shodan

360quake

Tidal fingerprints

3、 ... and 、Web The fingerprint

1. The check

a. Keep on record -- Check the inner eye （https://www.tianyancha.com/）/ Companies check / I love checking

b.CDN

c.whois-- Home of stationmaster （https://www.chinaz.com/）

d.DNS Historical analysis records (https://securitytrails.com/)

ping

nslookup

dig

2. Catalog

a. Mitsurugi

b.kali-dirb

c.github-dirsearch

d. Reptiles （rad、JSfinder、AWVS Reptile mode 、 premium XRAY）

3.google hack grammar

4.cms

a. Yun Xi （https://www.yunsee.cn/）

b.FOFA-IP polymerization

c. Tidal fingerprints

d.kali-whatweb

e.github cms Identification tools

f. Firefox plugin -Wappalyzer

5. port

nmap

Many gadgets

FOFA

TTL Determine the type of operating system

6.waf distinguish

kali-wafw00f

7. middleware

Default port

Error message

HTTP Header information （nmap）