Determining your hacking targets with recon and automation
Why picking targets is so important Many ethical hackers struggle because they are hacking the “wrong” types of targets for them. This is especially true …
Gunnar Andrews
Approaching a target to hack can feel like climbing a mountain. You may face large scopes, confusing applications, complex user hierarchies…the list goes on. The key to hacking in today’s world of large and/or complicated targets is a combination of two things:
The following steps are a good blueprint to get you down the path of supercharged hacking!
The first step to having a supercharged workflow is your workspace. There are three quick things to keep in mind when preparing yourself and your workspace:
Having the tools you need to do the job is vital to the task’s completion. This remains true when you sit down to hack. The ideal setup will include a spacious workspace with as little clutter as possible. Too much clutter on your desk or workspace is proven to distract you. You should have only the necessities. A comfortable chair that keeps you at the right height is equally important. Any decorations or personal items on your desk should be in the background, out of your way. Some studies say adding a “flow” to your workspace is a hidden secret. For instance, create a space where incoming tasks are on your left, your PC or workstation is in the middle, and completed tasks are to the right.
Your workflow can’t be supercharged if you are constantly being interrupted. Ideally, put phones, other electronics, and any other distractions away, and silence them. This effort will increase the chance that you stay focused while working. Some people enjoy different types of music or background noise while working. Everyone is different in this regard, but keep in mind that if there is background music, it should not require your constant attention. It should be something you can start and leave alone. Giving yourself breaks is important, but always ensure your working time is as productive as possible.
Your mindset can completely change how you see a challenge. So you must go into your hacking sessions with a good mindset. But what makes a good mindset? Well, I would argue that the following list is a good place to start:
The first two things on the list are a solid start. Making small personal daily goals you enjoy chasing will only increase your drive. At the same time, remember that your long-term growth as a supercharged hacker is more important than any specific day’s results! Everyone has bad days, but having a consistent growth mindset is essential. Making a mission statement for yourself ensures that you know why you are hacking in the first place. Enjoying your work is something so few people seem to get now. Find a way to get yourself in a mindset where you enjoy your workflow and the continuous learning that comes with it! All of the above can be strengthened by ensuring that your internal dialogue with yourself is positive. You decide your mindset!
Now let’s get to hacking! The first step will be performing thorough reconnaissance on your target. Depending on the scope of your target, this could vary a bit, but I am going to split this section into two parts. The first part of our recon workflow will be finding as many in-scope assets as possible. Finding as much of the in-scope infrastructure as possible is key to the rest of the workflow. The second part will be for each specific asset we find and what types of technology are present on each asset. I will have checklists for each section so you can check things off as you go. The idea is to start at the broadest scope possible and then narrow it down. So if you have an open scope program, use the large scope checklist, take the domains from there, use the medium scope checklist, and so on.
Why are organization and note-taking so important? Well, if you are trying to supercharge your hacking workflow but don’t remember what steps you have done or the results of those tests, then you are bound to repeat tests and forget information. This leads to a lot of repeat testing, as well as missed findings! That doesn’t sound very supercharged! Staying organized as you complete your workflow is just as vital to your hacking as the other steps. Organizing your thoughts also makes reporting your tests and findings easier! The larger the scope for a target is, the more lost you risk becoming unless you come prepared. So always make sure, as you test, to keep notes (and screenshots) that are as detailed as you can make them.
There is an astonishing number of productivity tools out there today that include note-taking functionality. So which one do you use? Well, the answer is easy: whichever one works best for you! With so many tools out there, they are all very good, and which one you use is 100% up to you. There are a few that are popular:
The above workflow and checklists are a good start to supercharging your hacking, but as with many things, the learning and improving never ends. The goal is to take these steps and use them as a starting point. Where you take them from there is entirely up to you. Maybe you add some more tests or completely new sections, or maybe you add workflows for mobile apps. The goal of the workflow is to get started on your journey. Where you decide to further supercharge your hacking workflow is completely up to you!
My online alias is G0lden. I am a hacker out of the Midwest United States. I came into the hacking world through corporate jobs out of college, and I also do bug bounties. I enjoy finding new ways to hunt bugs and cutting-edge new tools. Making new connections with fellow hackers is the best part of this community for me!