ASNmap tutorial -
Автор: CYBER BYTES
Загружено: 2022-10-22
Просмотров: 1918
Описание:
In this video of demonstration of the tool ASNmap by projectdiscovery, we take a look at basics of ASNs and their use in the #pentesting #bughunt process.
We start the video by explaining the foundations of Autonomous System Numbers or ASNs and their general architecture and role as one of the important elements in world wide internet interconnectivity. For organizations with huge IP infrastructure, and multiple hosts on the internet, there could be a possibility for a #security researcher to find a host that is 'forgotten' and is not maintained. This can lead to a #security loophole and can be possible for an attacker to enter the infrastructure.
As the information about ASNs is available over the internet, this information can help us to understand the internet footprint of the organization and #enumerate #hosts for your #ethicalhacking #bugbounty #penetrationtesting engagements. As you enumerate more hosts that are in part of your Rules of engagement you can have a higher possibility of finding a #bug for reporting.
For part of penetration testing exercise with a wider scope, the information fetched from ASNs can be helpful to find hosts quickly and saving a lot of time in the engagement.
ASNmap project page - https://github.com/projectdiscovery/a...
ASNmap blog article - https://blog.projectdiscovery.io/asnmap/
#opensource #tool-release #osint #recon #asn #asn-lookup #cidr-range
https://0xpatrik.com/asset-discovery/
https://www.arin.net/resources/guide/...
The video is divided into 2 parts.
a. Where we take up the theory part behind the concept of ASNs and their importance.
b. Demonstration of the tool #asnmap and exploring its various options that can be utilized for your task based on your engagement scenario.
Install go lang on your machine:-
https://go.dev/doc/install
Install go lang on kali linux -
If you like my work, then please consider subscribing to the channel, like the video and comment so that the content reaches the intended audience.
DISCLAIMER
-------------------
The contents shown in the video are purely for educational purposes only. The main objective of the video is to explain & demonstrate the concept of enumeration via the use of ASN numbers and explain the potential value that can be added to the testers penetration testing and bug bounty hunting exercises.
The author of the video does not take any responsibility for the misuse of the knowledge acquired by this demonstration. Whatever tests you do, it will be your own responsibility.
----------------------------------------------------
Follow us on:
Twitter - evolutionsec
Facebook - / evolutioninfosecure
Our website - https://www.evolutioninfosecure.in
--------------------------------------------------
Want to #learn #nmap the right way?
Visit our complete #course on nmap #networksecurity #scanner on #udemy
Link - https://www.udemy.com/course/network-...
Want to learn the basics of #log #analysis
Our basic course on #webapp log analysis will help you understand the #basics of log analysis.
Link - https://www.udemy.com/course/log-anal...
If you want #udemycoupons directly ping us. Drop a message on our website with your email details or drop a comment. We will provide you a special coupon for course at #bestprice #discount
-----------------------------------------------------
Video Index
00:00 - 00:26 - Video introduction
00:27 - 02:06 - Introduction to ASNs or What is ASN?
02:07 - 04:21 - Need for ASNs & basic functioning of ASNs
04:22 - 06:31 - Importance of ASNs in reconnaissance or recon phase
06:32 - 09:10 - Horizontal & Vertical domain correlation
09:11 - 10:31 - ASNmap introduction & features
10:32 - 12:31 - ASNmap project page on github & installation
12:32 - 12:44 - Channel disclaimer
12:45 - 14:14 - Get target IP address and ASNmap input IP option
14:15 - 15:29 - ASNmap output in csv format
15:30 - 16:20 - ASNmap output in json format
16:21 - 18:50 - Get IP prefixes from ASN data & result explanation
18:51 - 19:20 - Getting ASN data from domain
19:21 - 20:25 - Get IP prefixes from organisation name
20:26 - 21:58 - ASN & IP prefix data from multiple domains & way ahead
21:59 - 22:17 - Video outro
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке: