Sub-domain enumeration techniques

0
920

What is Sub-domain enumeration?

Sub-domain means Sub-division of domain.

As a Penetration Tester most of the time given a single domain to penetrate the website. Sub-doamin enumeration is part of the information-gathering of website or web app.

1 DNSdumpster

DNSDumpster uses open source intelligence resources to collect sub domain data. It can find potentially large number of sub-domains for a given domain

2 Virus Total

Virus Total run its own DNS replication service. User have to enter domain name or IP address of website and User will get the information of a domain.

Virus total

3 Using Google Dork

Google dork is an advanced technique search over the internet. Using dork “site:” keyword user will get sub-domain of the website.
“site:*.example.com -www -jobs -store -us”

4 DNSRECON – DNS ENUMERATION SCRIPT

DNSRecon is a Python-based DNS enumeration script designed. DNS reconnaissance is an important step when mapping out domain resources, sub-domains, e-mail servers and so on.

5 Knock Subdomain Scan

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist.

LEAVE A REPLY

Please enter your comment!
Please enter your name here