Find All Hidden Websites Hosted on a Server!
After working for many years, if there was one thing that really interested me, it was scanning someone's host. And this works in a very powerful way when you find out how many websites that person actually has.
But there are some flaws in the tool that is going to be used today.
I am going to use Nmap. One of Nmap's biggest problems is that it alerts firewall systems. The reason is that it sends a huge number of packets to a server, which can cause a lot of problems for a hacker.
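That packet volume is exactly what defenders key on. As an added example (not from the original article), this sketch flags any source that touches many distinct destination ports within a short window; the iptables-style log format, the thresholds and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed iptables-style LOG format; field names are an assumption, not from the article.
LINE_RE = re.compile(r"^(\S+) .*?SRC=(\S+) .*?PROTO=(\S+) .*?DPT=(\d+)")

def parse(line):
    """Return (timestamp, src, proto, dport), or None for unrelated lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, src, proto, dpt = m.groups()
    return datetime.fromisoformat(ts), src, proto, int(dpt)

def detect_scanners(lines, window_s=10, port_threshold=15):
    """Map each source that hit >= port_threshold distinct ports inside any
    window_s-second window to the largest distinct-port count observed."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)          # src -> (ts, (proto, port)) inside window
    flagged = {}
    for rec in filter(None, map(parse, lines)):
        ts, src, proto, dpt = rec
        q = recent[src]
        q.append((ts, (proto, dpt)))
        while ts - q[0][0] > window:     # drop events older than the window
            q.popleft()
        distinct = len({port for _, port in q})
        if distinct >= port_threshold:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

def sample_log():
    """Constructed log: one burst scan plus one ordinary HTTPS client."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    fmt = "{} fw kernel: IN=eth0 SRC={} DST=192.0.2.10 PROTO=TCP SPT=40000 DPT={}"
    stamp = lambda d: d.isoformat(timespec="milliseconds")
    lines = [fmt.format(stamp(base + timedelta(milliseconds=100 * i)),
                        "203.0.113.7", 1 + i) for i in range(40)]
    lines += [fmt.format(stamp(base + timedelta(seconds=10 * i)),
                         "198.51.100.20", 443) for i in range(30)]
    return sorted(lines)                 # interleave by timestamp

if __name__ == "__main__":
    for src, ports in detect_scanners(sample_log()).items():
        print(f"{src}: {ports} distinct ports within 10s")
```

The ordinary client sends more connections than the threshold but only ever to port 443, so it is not flagged; the count that matters is distinct ports, not packets.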
Do you know you can use Nmap and Masscan together?
The last attack I was trying to perform was on the Pentagon, and the result was a little bit annoying. Then, because of too many requests, they blocked my IP.
My boss gave me a task to scan their competitor's website and let them know how many domains they have.
At that point I started using Nmap, a powerful network-mapping tool that helps you scan an entire network or organization by IP or domain.
Don't forget: scanning someone's property and personal information without their permission is a crime. The person, state, or organization can take action against you. :)
Before you proceed, you need to understand the methods for scanning:
1: Using an automated tool for scanning
2: Using your own script for host scanning (Bash, Python, shell)
3: Mixing your script with automation tools
Using an automated tool for scanning:
Before using any command, always confirm whether there is a WAF by using the following command; it will make your work easier. If you are a bug hunter, that can be helpful to bypass things.
nmap -p443 --script http-waf-detect --script-args="http-waf-detect.aggro,http-waf-detect.detectBodyChanges" www.xxxx.com
For this method we will use Nmap, and some of the commands we will be using are:
nmap -sS -sU -T4 -A -v -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53 --script "default or…