· 6 years ago · Mar 26, 2019, 07:32 PM
112.3.19
2
3CTRL+SHIFT+I - Show HTML code in Chrome browser
4
5
6JavaScript-
7Document – calls to the entire doument
8Document.getElementById(‘elementID’)
9
10httpbin.org
11
12soup.select == document.querySelectorAll
13
14HW take Google_search.py and make it work for he first three pages
15
16_________________________________________________________________________
17Filtering Google search by site:website.co.il for sensitive
18
19Dir-buster to take a list of urls (dictionary in a txt file) with multithreading and
20python3 -i python.file ---- running python in interactive mode
21______________________________________________________________________________
22
23
24vim -O file1 file2 Opens two files switching between them with CTRL+w+arrow
25Replace in vim:
26:%s (search) / <pattern for replace>/ <replace pattern> /g (global)
27vim basic navigation:
28w b to move back and forth in vim, f / Shift+f is to go until the next keyboard character
29q is for recording - doing an action and repeating with a shortcut
30
31
32When using python to scrape google, the server will send the data back in an older format- We need to change the http headers to something more up to date
33
34_______________________________________________________________________________
35
36white box- full transparency
37gray box- some information is divulged
38black box- no information is divulged
39
40Reconnaissance- active (any direct access to servers) and passive
41____________________________________
42
43Social engineering: Email, phone/sms-> referred to the domain-> worker
44Creating a table to list workers' details with their name, title, email, phone, social
45
46IntelTechniques- Tools- Classic Version- Facebook- <facebook profile> - Find Facebook ID-
47copy the image address of the individual and search on google for additional affiliations
48
49Google Dorking: filter with site:<site> and title:"<keyword>" inurl:"<keyword>" filetype:<>
50- (is not)
51for subdomains >>>> site:intel.com -site:www.intel.com
52ghdb- google hacking data base for google search sytanxes
53
54<site.com/robots.txt> shows a list of directories that are not indexed for google
55
56accessing webpages through googles cache to go undeteted and to recover removed data
57
58waybackmachine to see past snapshots of websites
59
60email-checker to see if email exists (some servers dont allow email verification)
61
62characterizing our system- enter company name and domain:
63go to linkedin > if there is only one company continue- if not let the user choose which one
64
65parse list of employees and save (to file/list or ram) names and titles
66
67additional function to google and collects first five pages of site:site intext:"@domain" and find emails with regex
68
69we now have a sample list of emails - create a pattern to determine how the emails are written and distribute them accordingly to the employee table
70
71postgresql - resource to create the table for assignment
72
73bonus- also in facebook
74
75_____________________________________________________________________________
76
77foca- eleven paths -