I hope everyone is having a nice holiday. I started reviewing and going through the OWASP methodology check list and the first one talks about search engine recon. I guess I had two quesions if you’d be so kind.
When you do search engine recon. What are you typically looking for? (other than domains, I discover those with DNSdumpster).
The page also says to try and find information using Google Dorks. Do you guys have any favorite Google Dorks you like to utilize on each pentest?