Day 65 comes with account takeover and favicon.ico for recon.
Account Takeover and Sensitive Data Leakage via CORS Misconfiguration
Favicon.ico and OSINT
From Sam (CoffeeJunkie). While scrolling stuff on twitter,
favicon.ico seemed to be a topic related to recon and different usages according its hash. It was curious to see what other people achieved to do with this and reminded me of ShodanIsh by 4z1zu. We talked about it back then in day 14. So if you’re curious take a look!