Hacking
Hacking
Github
Twitter
Hacking & Penetration Testing
Commands
Methodologies
Buffer Overflow
Internal Network
Mobile Testing
Subdomain Enumeration
Web Application Testing
XSS
OOB
IDOR / PrivEsc
Misc
CSRF
XML
SQL
XML External Entities
Commands
Windows Commands
Guides
Mac OS Build
Build A Raspberry Pi Dropbox
Configuring Burpsuite Pro
BugBounty
Manual SQL Injection
Courses
Hack The Box
Legacy
Devel
Optimum
Popcorn
Beep
Tenten
Arctic
Cronos
Grandpa
Granny
October
Lazy
Sneaky
Holiday
Blocky
Shrek
Blue
Joker
Europa
Haircut
Bank
SolidState
Mantis
Shocker
Tally
Sense
Jeeves
Stratosphere
Inception
Bashed
Fluxcapacitor
Canape
Rabbit
Chatterbox
Nibbles
Sunday
Aragog
Valentine
Silo
Olympus
Poison
Celestial
Waldo
Jerry
Access
Active
Netmon
Powered by GitBook

Subdomain Enumeration

Gobuster

gobuster -m dns -w /path/to/wordlist.txt -u domain.com -i -q >> Subdomains.tmp
cat Subdomains.tmp | grep Found |x cut -d " " -f 2 > Subdomains.txt
rm Subdomains.tmp

SSL Scan

for i in $(cat wildcards.txt); do sslscan --no-colour --show-certificate $i | grep -E "Altnames:" | tee -a ssldomains.txt; done
cat ssldomains.txt | sed 's/DNS:/&\n/g' | cut -d "," -f 1 | sort -u  > ssldomains.tmp
cat wildcards.txt >> ssldomains.tmp
cat ssldomains.tmp | sort -u > ssldomains.txt
rm ssldomains.tmp

Amass

amass --passive -d DOMAIN.com

MassDNS

./bin/massdns -r resolvers.txt -t AAAA -w results.txt domains.txt

DNSdumpster

​https://github.com/PaulSec/API-dnsdumpster.com​

​

Methodologies - Previous
Mobile Testing
Next - Web Application Testing
XSS
Last updated 6 months ago
Contents
Gobuster
SSL Scan
Amass
MassDNS
DNSdumpster