Subdomain

Subdomain Enumeration

Enumeracion de subdominios mediante diferentes metodos

WayBackUrls

echo 'domain.com' | waybackurls | cut -d '/' -f 3 | cut -d ':' -f 1 | sort -u > subdomains.txt

Crt.sh

GitHub - az7rb/crt.sh: Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.GitHub

crt.sh -d domain.com

Sublist3r

GitHub - aboul3la/Sublist3r: Fast subdomains enumeration tool for penetration testersGitHub

sublist3r -d domain.com

Subfinder

GitHub - projectdiscovery/subfinder: Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.GitHub

subfinder -d domain.com -o subdomains

Amass

GitHub - owasp-amass/amass: In-depth Attack Surface Mapping and Asset DiscoveryGitHub

amass enum -active -d domain.com -brute -w dns-Jhaddix.txt -o subdomains

Wordlist

SecLists/Discovery/DNS/dns-Jhaddix.txt at master · danielmiessler/SecListsGitHub

Last updated 10 months ago