🔖Subdomain Enumeration - Recursive
💡Note:
🧑💻Workflow:
🔴Step-1
🔴Step-2
🔴Step-3
🔴Step-4
🔴Step-5
👇🏻Check the Example Script on the next post.
#CyberSecurity #bugbountyTools #bugbounty #reconnaissance #infosec #bugbountytips
🔹 Share & Support Us 🔹
💬 Channel : @Hide_Club
💡Note:
This technique is only useful when your target has a large number of multi-level subdomains(not effective for small & medium scope targets). Execute this technique as the final step.
🧑💻Workflow:
🔴Step-1
Read the list of subdomains from the file "subdomains.txt".
🔴Step-2
Process the subdomains in two steps:
a) Find the Top-10 most frequent occuring Second-Level Domain names with the help of tools like cut, sort, rev, uniq, etc.
b) Find the Top-10 most frequent occuring Third-Level domains.
🔴Step-3
Now run passive subdomain enumeration on these 10 Second-level domain names and 10 Third-level domain names using tools like amass, subfinder, assetfinder, findomain.
🔴Step-4
Keep appending the results to passive_recursive.txt file.
🔴Step-5
Now after finding out the a list of domain names, run puredns to DNS resolve them and find the alive subdomains.
Replace subdomains.txt with the filename of your subdomains list.
👇🏻Check the Example Script on the next post.
#CyberSecurity #bugbountyTools #bugbounty #reconnaissance #infosec #bugbountytips
🔹 Share & Support Us 🔹
💬 Channel : @Hide_Club