OSINT+Rust

Dojo-101-DevSec/Rust-security.md

@@ -99,7 +99,7 @@ panic!("crash and burn");
 
 ## Sécurité : Mémoire, Type, Threads
 
-Le script ci dessous 
+Démonstration des principales fonctions de sécurité :
 
 ```rust
 use std::thread;

Dojo-101-Pentest/1-RECON-SCAN-ENUM/OSINT-Tools.md

@@ -12,11 +12,11 @@
 
 * **Recon-ng :** Uses a system of modules to add additional features and functions for your use. 
 
-* **Shodan :** A website search engine for web camera , routers , servers , etc. that are considered part of the Internet of Things.
-
 * **Censys :** Website search engine used for finding hosts and networks accros the internet with data about their configuration.
 
-* **Maltego :** Piece of commercial software used for conducting open source intelligence that visually helps connect those relationships.
+* **amass :** OWASP tool In-depth attack surface mapping and asset discovery.
+
+* [Maltego : Piece of commercial software used for conducting open source intelligence that visually helps connect those relationships.](https://www.maltego.com/)
 
 * [Depix : Recover plaintext from pixelized screenshots](https://github.com/spipm/Depix)
 
@@ -34,4 +34,25 @@
 
 ## Service Tiers
 
-* [SocRadar](https://socradar.io/)
+* [SocRadar](https://socradar.io/)
+
+* [Web Check](https://web-check.xyz/)
+
+* [Shodan](https://www.shodan.io/)
+
+### Recherche Shodan
+
+| Valeur | description |
+|--------|-------------|
+|10.10.10.10 | voir le scan de l'IP concernée |
+|hostname:"targetname.com" | recherche par nom de domaine |
+|"content-type: application/json" | jSON API |
+|"content-type: application/xml" | XML API |
+|"200 OK" | contenu de la réponse |
+|"wp-json" | WordPress API. |
+
+exemple de shodan APi avec nmap : 
+
+```bash
+nmap --script shodan-api x.y.z.0/24 -sn -Pn -n --script-args ‘shodan-api.outfile=patato.csv,shodan-apikey=SHODANAPIKEY’
+```