Summary
- The storyteller, Ghost, was experiencing a dry spell in finding vulnerabilities in their regular target.
- They decide to use the Wayback Machine to find old vulnerabilities in previous versions of a subdomain.
- Ghost first cleans up the list of URLs and unique domains using the command line tools cat, unfurl, and httpx.
- They come up with a list of live subdomains from Wayback Machine data.
- Ghost then chooses a random subdomain to investigate further, letting the potential vulnerabilities they find guide their further analysis.
- This approach pays off, and Ghost finds a new vulnerability.
By SIDDHANT SHUKLA
Original Article