Connect with me on twitter:

Quick intro to enumerating a specific target’s digital footprint. I take no responsibility for your use of the below, please always have permission before you engage a specific target.

The below walkthrough explains a simple enumeration of a domain. For this we’ll focus on Tesla.

The basics

For this specific target we can assume that our main target is

Enumeration, specifically domain enumeration can be performed in several ways. I really like the article of Patrik Hudak, refer here

The two important notes here are vertical and horizontal enumeration. …

My Twitter handle:

Be sure to follow my blog at

This would most definitely go out to my most tedious XSS attempts yet. I’ve started with Burp for a good enumeration. I set out my target scope using advance scope control and the host-name as “company.”.

I then browse the application slowly one for one, specifically I look for parameters that gets reflected. Once I suspect reflection I make use of the Intruder tab to Actively scan defined insertion points. Note that I also clear insertion points for cookies etc. I only focus on the URL parameters now.

Image for post
Image for post

Let the scanner do its job and keep fuzzing for insertion points. …

Follow on twitter:

I did a quick view at a major infrastructure client. Given their modern web-design I couldn't find any reflective injection points.
I’ve let it go for a while and found myself dealing with one of their earlier versions and immediately note that the hosted site is much more outdated than their recent counterparts.

I set out scoping the application using Burp and found a reflective spot. This could lead to a type Stored XSS on the user machine as you’re adding into the container.

Wouldn’t have been able to identify the endpoint if I haven't played with the application functionality. …


Frans Hendrik Botes


Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store