by lmeyerov 2177 days ago
FWIW, we've had a lot of fun doing web inventory mapping via OWASP Amass (https://github.com/OWASP/Amass): enumerate via amass -> dump into neo4j or just csv/json -> explore with jupyter/graphistry.

A lot of bug bounties have been getting paid out this way. I can't share the details, but we did it as a graph analytics demo with a financial partner bigger than many countries, and 30 min later, tickets filed. IMO every sec team > 5 people should have something like this set up.