Summary

This chapter covered how to discover information about a site's attack surface using automated scanners, passive proxy interception, and command-line utilities wired into our own homebrew setup, and a couple of things in between. You learned some handy third-party tools, and also how to use them and others within the context of custom automation. Hopefully you've come away  not only with a sense of the tactics (the code we've written), but of the strategy as well (the design behind it).