======
whois domain.com
<a href="https://whois.arin.net/ui/advanced.jsp">https://whois.arin.net/ui/advanced.jsp</a>
Find other netblocks by throwing in Wildcards to the search.
whois hooperlabs.xyz
Geolocate MAC Addresses of Wifi Hotspots - <a href="https://wigle.net/">https://wigle.net/</a>
http://find-wifi.mylnikov.org/
Search publicly-available S3 buckets (useful for borrowing a certificate).
<a href="http://loopnet.com">http://loopnet.com</a>
curl http://api.macvendors.com/fc-a1-3e-2a-1c-33
<a href="https://www.shodan.io/"">https://www.shodan.io/</a>
site:"microsoft.com" -site:"www.microsoft.com"
inurl:"/control/userimage.html"
filetype,inurl,intitle,
intitle:"index of" "parent directory"
theharvester -d cisco.com -b all
for ip in $(seq 50 100); do host 38.100.193.$ip; done | grep -v "not found"
python /opt/massdns/scripts/subbrute.py /usr/share/wordlists/dns.top20000.txt domain.com | massdns -r /usr/share/wordlists/dns.resolvers.txt --verify-ip -w massdns.out.txt -o S
massdns -s 15000 -t CNAME -o J -r /usr/share/wordlists/resolvers.txt --flush
theharvester -d domain.com -b all -c
sublist3r -d domain.com -b -o outfile.txt
amass enum -passive -include-unresolvable -timeout 10 -d domain.com | tee amass.txt
dnscan -d domain.com -w /usr/share/wordlists/commonspeak2-subdomains.txt -t 16 -6 -r -o dnscan.txt
python knockpy.py domain.com -w /usr/share/wordlists/commonspeak2-subdomains.txt | grep domain.com | cut -d '"' -f2 | tee knockpy.out
dnsrecon -d domain.com -D /usr/share/wordlists/commonspeak2-subdomains.txt -g -b -k -w -z --threads 16
altdns -i subdomains.txt -o altdns.txt -w words.txt -r -s results_outputs.txt
chaos -d domain.com -silent | nuclei -t nuclei-templates/dns/dead-host-with-cname.yaml
companyname github linkedin
https://github.com/initstring/linkedin2username
https://github.com/zricethezav/gitleaks | docker pull zricethezav/gitleaks
docker run --rm --name=gitleaks zricethezav/gitleaks -v -r https://gitlab.com/StraightOuttaCrompton/aws-cdk-static-site
https://github.com/michenriksen/gitrob
https://github.com/dxa4481/truffleHog
https://github.com/eth0izzle/shhgit
git log --pretty=oneline
git show <hash>
Within UI, fork project; git clone https://github.com/caryhooper/repo.git; git checkout -b new_branch; git remote add upstream https://github.com/username/repo.git; make changes and commit ; git push -u origin new_branch
git checkout -b new-feature
git checkout -d new-feature
git push origin --delete new-feature
git checkout master; git merge branch2
git rm -r --cached .\Scripts\
git submodule add https://example.com/user/repo.git destination_folder
git clone --branch recipes git@github.com:caryhooper/hooperlabs
"filename:users"
marketplace search github
marketplace info recon/domains-hosts/google_site_web
modules load recon/domains-hosts/google_site_web
info
options set SOURCE hooperlabs.xyz
back
show hosts
marketplace install recon/hosts-hosts/resolve