Tuesday, January 21, 2025

[TryHackMe] DNS Enumeration

 1) CA's Certificate Transparency logs

Use https://crt.sh/ to search the domain.


2) Google Hacking

Utilize the keywords, "site" and "inurl".


3) Employing the tool, dnsrecon

# dnsrecon -t brt -d DOMAIN


4) Employing another tool, sublist3r.py

# sublist3r.py -d DOMAIN


5) Leveraging Virtual Host through the tool, ffuf

# ffuf -w /usr/share/wordlists/SecLists/Discovery/DNS/namelist.txt -H "Host: FUZZ.DOMAIN" -u http://IP

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)