External Assessments

Uncovering assets:

• crt.sh, merklemap.com, censys, Shodan, Gau, Whoxy, LinkedIn scraping, Google Dorks, Crunchbase, Zoominfo (zoomeye?)

• PHENOMINAL bug bounty/dork search: https://taksec.github.io/google-dorks-bug-bounty/
• Bug bounty/dorking search engine: https://nitinyadav00.github.io/Bug-Bounty-Search-Engine/

• Awesome censys queries: https://github.com/thehappydinoa/awesome-censys-queries

• Look into spiderfoot?

Search documentation/internal resources for:

net use
psexec
.pfx
AsPlainText
Authorization: Basic
Authorization: Bearer
NetworkCredential
password
root
passwd
credential
putty
logins
connectionstring
securestring
samaccountname
ldap
sudo
scp
ssh
.vmd
clientdomain\
@clientdomain.com
id_dsa
id_rsa
ghp_
AWS_SECRET_ACCESS_KEY + AKIA/ASIA
ssh_password
net user