Based on our record, Burp Suite should be more popular than Subfinder. It has been mentiond 13 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
https://github.com/projectdiscovery/subfinder does this, but it explains all the methods and lets you choose to only do a passive scan. - Source: Hacker News / 10 months ago
My main source is Certificate Transparency, which is kind of a database of TLS certs created so far. But use external tools like Subfinder or Amass. Source: over 1 year ago
In addition, tools such as snyk or burp can be used to control the dependencies of a project. - Source: dev.to / 9 days ago
Check https://portswigger.net, they have learning material and labs about this topic. Source: over 1 year ago
I ask about serving websites because understanding how a web server works (very basically) with a browser or any client is a huge step in understanding HTTP, host headers, and even host header attacks (if you're into that sort of thing.. As an aside I did a quick google search and https://portswigger.net/ showed up.. Apparently they have interactive labs and very informative documentation on various attack... Source: almost 2 years ago
As you are quite new to the hobby, I would definitely recommend you go to portswigger.net academy. They give you a quite thorough understanding in all the fundamentals and they have labs set up where you can practice everything you learn at each step. The best part is you can learn at your own pace and it's all free. Source: almost 2 years ago
Connect your PC (with Burp Suite installed) and Android to the same network. > Note — Here my PC’s IP is 192.168.43.20 and Android’s IP is 192.168.43.180. - Source: dev.to / almost 2 years ago
Sublist3r - Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT.
Nessus - Nessus Professional is a security platform designed for businesses who want to protect the security of themselves, their clients, and their customers.
OWASP Amass - An advanced open source tool to help information security professionals perform network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques!
Qualys - Qualys helps your business automate the full spectrum of auditing, compliance and protection of your IT systems and web applications.
sn0int - sn0int is a semi-automatic OSINT framework and package manager
OpenVAS - The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools...