pentest-osint-recon

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Pentest OSINT Recon

渗透测试OSINT侦察

Purpose

目的

Gather publicly available information about a target organization to map its external attack surface, including subdomains, emails, and exposed assets.

收集目标组织的公开可用信息，以绘制其外部攻击面，包括子域名、邮箱和暴露的资产。

Core Workflow

核心工作流程

Domain Enumeration: Discover subdomains and related assets using
```
amass
```
and
```
subfinder
```
.
Tech Profiling: Identify technologies used on discovered assets using
```
httpx
```
and
```
whatweb
```
.
Information Gathering: Search for emails, leaks, and social media presence using
```
theharvester
```
and search engines.
Asset Correlation: Correlate IP addresses, domains, and technologies to find weak spots.
Vulnerability Intel: Check discovered software versions against CVE databases.

域名枚举：使用
```
amass
```
和
```
subfinder
```
发现子域名及相关资产。
技术分析：使用
```
httpx
```
和
```
whatweb
```
识别已发现资产所使用的技术。
信息收集：使用
```
theharvester
```
和搜索引擎搜索邮箱、数据泄露信息和社交媒体踪迹。
资产关联：关联IP地址、域名和技术以找出薄弱点。
漏洞情报：对照CVE数据库检查已发现软件的版本。

References

参考资料

```
references/tools.md
```
```
references/workflows.md
```

```
references/tools.md
```
```
references/workflows.md
```