SMK Muhammadiyah 2 Palembang

Introducation
The Basics
Windows
Scripting With Python
Recon and Information Gathering Phase
- Passive information gathering
- Identify IP-addresses and Subdomains
Vulnerability analysis
Password Cracking
Pivoting - Port forwarding - Tunneling
- Pivoting
Network traffic
Wifi
- WPS
- WEP
Physical access to machine
Literature

Powered by GitBook

On this page

Recon and Information Gathering Phase

Identify IP-addresses and Subdomains

Find Subdomains

PreviousDorking Find Subdomains NextDNS Basics

Last updated 2 years ago

Finding subdomains is fundamental. The more subdomains you find, the bigger attack surface you have. Which means bigger possibility of success.

For now this seems to be a very comprehensive list of tools to find subdomains.

VirusTotalVirusTotal

URL and website scanner - urlscan.io

https://dnsdumpster.com/dnsdumpster.com

Domain Security, DNS Trails and IP Tools | SecurityTrailssecuritytrails

Subdomain Finder - C99.nl

Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server