find HIDDEN urls!! (subdomain enumeration hacking) // ft. HakLuke

nice

Is there a way to find private domains owners? I want to see who owns a certain domain

Can we show which files are saved in my website. that's helpful to make more secure my own WebApp.
I want to find all assets or multi-media files.

sorta like sherlock but for urls ;)

He's got a nice keyboard! Hehe. Fellow musician.

Would you do a video about vpn? Is it really useful?

Forgive me for doing this on your website 😂

Mr chuck: You need my permission to do so. Do not use my domain.


me: Mr Chuck, may I use your domain to do ethical hacking? I promise, is for my study. I would like to get my hands on more into stuff.

haha. it's a hidden url.. haha get it?

hi , is there any chance to find hidden download links that websites make them show only to Vip users ?

Now that would be a interesting video. Everyone says be careful but why? these are all resources reachable on the web correct. I never have permission to go to any of these sites. I never asked google for permission to use there service either. So why would I have to do that for the other sites???? :)

The problem is that all HackerOne BugCrowd Intigrity websites only show endpoints with .js extensions....Now how to dig .js files to catch vulnerable parameters, Endpoints for SQL injection XSS LFI RFI RCE OS COMMAND is host header attacks..
Thanks ✅️ 😊 🫂

Do you need permission? To crawl websites? Nonsense

If a subdomain is openly accessible, without a password, then it is not illegal to access it. If they wanted to hide it, they could and should. I've been hacking like that since before the Web and will continue to.

is there a way to do this that might be less thorough and not require permission? And if so, not requiring a tool that needs to be installed? Perhaps using a "passive" enumeration?

tuk tuk voice show your password length 😀😀😆😆

That is one thing that I've noticed that the IT and Blacksmithing Communities have in Common... If you need a tool... you make a tool... I mean... Blacksmiths and Chip Manufacturers are essentially doing the same thing... Shaping Metal With Fire

from this demo video,
username and password : kali ,
your website using wordpress..

anyway, good work mate..
cmiiw

I recently found subfinder and Amass and I believe after 2 years of hacking and failing. I think I now know where to go and look beyond the main site because the obvious bugs have already been found.

What I learned in ethical hacking in order to find those sweet high or critical bugs you either need to dig deep or search farther as legally possible.

🤢🤢

haha. it's a hidden url... haha get it?

I use arch btw

I can only say..... thank you network chuck

Why it wouldn't run if i start Anonsurf VPN on my Kali machine?

those are vulnerable sites? I ask for cracking domain 🤨

I just realized you can hear him type every letter, so if your willing to put in the time you can decipher his password xD

Thank you so much

So did anyone else notice the secret message in the black screens on the beginning?

Love from Nepal

"haha. it's a hidden url.. haha get it?"

👆👆 I can't stop thanking you and recommending you a lot for your tremendous effort which shows to be the best among all

My “coffee” is a bottle of Hennessy lol

i have a feeling you didn't get permission to use gau on reddit

can i use these tools on your website lol

or try anyways

Love your shirt Chuck.

Ngl feels better to have your own tools, made by you

Hey Chuck, here an small script to run hakrawler more easy (thanks to your bash course!):
#!/bin/bash

echo "Is docker active?"
read DOCKER
if [ "$DOCKER" == "y" ]
then
echo " What domain do you want to crawl (include hhtp(s)):"
read DOMAIN
echo " Type filename for storing the output:"
read FILE
mkdir -p ~/hakrawler/output
echo " Crawling $DOMAIN. One moment please..."
echo $DOMAIN | sudo docker run --rm -i hakluke/hakrawler:v2 > ~/hakrawler/output/$FILE.txt
echo " Crawling done!"
echo " The output is stored in:"
echo " ~/hakrawler/output/$FILE.txt"
else
echo " Please, start your docker server first and run hakrawler again!"
fi

me who used the tool to make my own google

So quick question, do these tools also pick up urls that are not indexed by search engines like Google?

Lmao the first Reddit it finds is r/traps

NC, can you (unless you already ahve) go over how how you have customized your terminal screen. I really like the prompt and the behavior of your terminal screen.

sudo apt install Hakrawler (just simple !!!!!!!!!)

boleh la cari bughost telco hehehe

That's cool. I wanted to learn some basic Python while doing something useful, so I made a program that webscrapes all the images associated with a web comic on various hentai web pages 😁