1) Manual Discovery
whois (whois tryhackme.com)
nslookup (nslookup -type=MX tryhackme.com 8.8.4.4)
dig (dig @8.8.4.4 tryhackme.com MX)
2) Automated Discovery
gobuster (gobuster dns -d DOMAIN -w /usr/share/seclists/Discovery/DNS/namelist.txt)
3) OSINT
DNS Dumpster (https://dnsdumpster.com/)
Shodan (https://www.shodan.io/)
No comments:
Post a Comment