What websites to target?

[xyzz]

Hello all, Anyone known what websites to target that are likely to have vulnerabilities. Is there a quick way to find these websites or do you just need to mass scan a bunch of websites.

 

[BLUA]

Hello all, Anyone known what websites to target that are likely to have vulnerabilities. Is there a quick way to find these websites or do you just need to mass scan a bunch of websites.

everyone has their own approach, you need to look for vulnerable services, and interesting sites for you
to dig into a pile of shit, so-so occupation

 

[prono]

Try dorks for beginning, digging into random sites will give you ideas for more dorks that are not public. Keep a look on the GET parameters. Use site: to choose the domain and country, use different VPN countries, that way one dork will show you different results every time you change it.
Don't forget to brute force the subdomains

 

[Prokhorenco]

Try dorks for beginning, digging into random sites will give you ideas for more dorks that are not public. Keep a look on the GET parameters. Use site: to choose the domain and country, use different VPN countries, that way one dork will show you different results every time you change it.
Don't forget to brute force the subdomains

Perhaps also mass vuln scanning hundreds and thousands of domains using something like nuclei.

Scanning and Recon: https://enlacehacktivista.org/index.php?title=Scanning_and_Recon
Exploitation payloads and tools: https://enlacehacktivista.org/index.php?title=Exploitation