Methodologies/Mindmaps
General Information about the target
Collect Emails and Usernames
Collect IP/Hostnames/ASN
Gather Compromised users data
Identify assets in public clouds
Enumerate AzureAD
Automatic tools to gather information
Collection automation - useful tools
GitHub Dorks
Distribute Scanning
Find Links / JS
Check mail records
Dangling DNS
Google Dorks