## page was renamed from DNS/SubdomainTakeover/Enumeration ## page was renamed from DNS/hijacking/SubdomainTakeover/Enumeration = DNS/hijacking/SubdomainTakeover/Enumeration = The Art of Subdomain Enumeration https://blog.sweepatic.com/art-of-subdomain-enumeration/ サブドメインを見つける手段の解説 もっと便利な道具もある。:-< (Domain Historyの中) -- ToshinoriMaeno <> http://10degres.net/subdomain-enumeration/ (手法、ツール) https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6 https://twitter.com/CreedHackers/status/1067449832946745344 {{{ Oneliner Subdomain Enumeration using #Wayback 〰️🔙 curl -s "http://web.archive.org/cdx/search/cdx?url=*.qmail.jp/*&output=text&fl=original&collapse=urlkey" |sort| sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | uniq }}} Stop Using Python for Subdomain Enumeration April 20, 2019 by Alex Flores https://sec.alexflor.es/post/subdomain_enum/ https://twitter.com/nemessisc/status/1119329883824508933 Interesting for subdomain enumeration I like to user sublist3r on Kali but seems there is a project aiming to be the predecessor with a tool written in Go with very similar command line options: 5:00 - 2019年4月20日 https://github.com/subfinder/subfinder https://github.com/danielmiessler/SecLists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. https://www.owasp.org/index.php/OWASP… github tools related to subdomain enumeration like {{{ domained lazyrecon autorecon osmedus }}} Subbrute, Fernmelder, Amass https://securityonline.info/amass-subdomain-enumeration/ amass v2.9.9 releases: In-depth subdomain enumeration written in Go massdns + subbrute