Target Discovery
To attack, we need a target, hence the target discovery. When a website server IP is protected, they may share the same IP with the other websites that may have vulnerabilities.
if your real target is directly secured, you can try attacking different domain that is in the same server that may have
vulnerabilities through the same IP address they share
Sometimes IP is hidden behind likes of Cloudflare
To find it try open www.crimeflare.us:82/cfs.html
Wonderful tool to see any IP hidden by Cloudflare
Small trivia: XMLRPC has a weakness that the real server would pingback to your personal server
tools:
– dnstrails.com
– robtex.com
This is robtex: