Advanced Subdomain Discovery with Amass and Cheat Sheet

In this cheat sheet, I cover essential Amass commands, enumeration techniques, and practical workflows for effective recon.
https://denizhalil.com/2026/05/02/owasp-amass-subdomain-enumeration-cheat-sheet/

#CyberSecurity #OWASP #Amass #SubdomainEnumeration #Recon #OSINT #AttackSurface #BugBounty

🔍 Inside the Tech: New Talk Added to BSides Luxembourg

🌐📡 𝗧𝗛𝗘 𝗙𝗢𝗥𝗚𝗢𝗧𝗧𝗘𝗡 𝗙𝗜𝗡𝗚𝗘𝗥𝗣𝗥𝗜𝗡𝗧: 𝗗𝗡𝗦 𝗕𝗔𝗦𝗘𝗗 𝗢𝗦𝗜𝗡𝗧 𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦 𝗙𝗢𝗥 𝗣𝗥𝗢𝗗𝗨𝗖𝗧 & 𝗦𝗘𝗥𝗩𝗜𝗖𝗘 𝗗𝗜𝗦𝗖𝗢𝗩𝗘𝗥𝗬 – Rishi ( @rxerium )

⚡ Reveal hidden infrastructure in a Talk (40 min) using DNS TXT records to map technologies, dependencies, and external services at scale.

DNS is often treated as infrastructure plumbing, but TXT records quietly expose far more than most defenders realize. This session introduces a DNS-based OSINT methodology that leverages large-scale TXT record analysis to uncover embedded service dependencies such as cloud platforms, SaaS integrations, and identity providers.

By programmatically scanning DNS zones and integrating the technique into tools like Nuclei and OWASP Amass, this approach enables security teams to build detailed maps of organizational technology stacks and attack surfaces. A real-world case study from the Salesloft breach demonstrates how these signals translate into actionable intelligence for both offensive and defensive use cases.

Rishi ( @rxerium ) is a London-based security researcher focused on vulnerability research, threat intelligence, and OSINT-driven attack surface discovery. He contributes to open-source security tooling, supports the UK OSINT community, and focuses on building scalable reconnaissance and detection methodologies.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/

📅 Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

📲 View full schedule & build your agenda: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #OSINT #DNS #AttackSurface #ThreatIntelligence #CyberSecurity

Subdomain Takeover Vulnerabilities and Prevention

In this article, I cover:
* How subdomain takeover vulnerabilities occur
* Real-world exploitation scenarios
Reconnaissance and detection techniques
* Practical prevention and DNS hygiene strategies

https://denizhalil.com/2026/02/16/subdomain-takeover-vulnerabilities-prevention/

#CyberSecurity #SubdomainTakeover #DNS #AttackSurface #BugBounty #RedTeam #BlueTeam #InfoSec #CloudSecurity #WebSecurity #EthicalHacking

The Real Problem Isn't That #AI Can't Write #SecureCode - It's That It's Expanding #AttackSurface

https://thehackernews.com/expert-insights/2026/03/the-real-problem-isnt-that-ai-cant.html

#OSINT, #BugBounty, #Pentesting, #CyberSecurity, #Infosec, #OriginServer, #CDNDetection, #DNSHistory, #SSLForensics, #FaviconFingerprinting, #AttackSurface, #InfrastructureAnalysis, #WebSecurity, #NetworkReconnaissance, #ThreatIntelligence, #SecurityResearch, #CloudSecurity, #ServerDiscovery, #DigitalForensics, #VulnerabilityAssessment

New Product

https://shoppy.gg/product/PvKQaT9

To fix this, the origin server should be restricted to accept traffic only from Cloudflare IP ranges.

Real log

I'm still reading the first chapter of #AttackSurface by @pluralistic (audiobook; very well read). This security nerd is enjoying it a lot.

If someone can convince me that the protagonist, Masha, isn't at least inspired by @evacide , I will eat my shorts. (I don't recall a dedication at the start, so it may be moot).

#Doctorow #LittleBrother #bookstodon

🔐 Identity compromise and reconnaissance are precursors to deeper breaches and targeted operations. Understanding this shift informs threat modeling and operational OPSEC. The latest index data only just published and signals a shift in attacker prioritization not yet widely reported.

https://industrialcyber.co/reports/ibm-x-force-reports-44-surge-in-exploitation-of-public-facing-applications-as-supply-chain-and-identity-attacks-intensify/ #AttackSurface

Thousands of public Google Cloud API endpoints are exposed — misconfigurations at scale create silent entry points. Visibility is the first line of defense. ☁️⚠️ #CloudSecurity #AttackSurface

https://thehackernews.com/2026/02/thousands-of-public-google-cloud-api.html

Security Advisory Summary:
SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
• CVE-2025-40538 – Broken access control → system admin creation + root RCE
• Two type confusion flaws → root code execution
• One IDOR vulnerability → elevated execution

Attack prerequisites:
High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

Exposure landscape:
12K+ internet-facing instances observed (Shodan)
File transfer platforms remain ransomware-favored entry vectors

Historical context:
Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

Immediate actions:
- Patch to 15.5.4
- Audit privileged accounts
- Review FTP/SFTP exposure
- Monitor for anomalous admin creation

Source: https://www.bleepingcomputer.com/news/security/critical-solarwinds-serv-u-flaws-offer-root-access-to-servers/

Follow us for tactical advisories and vulnerability intelligence.

Comment with your detection or hardening recommendations.

#Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust