Network Information

MITRE ATT&CK, Reconnaissance, Technique T1590

DNS Information

Subdomain enumeration is the process of finding valid resolvable subdomains for a companies domain(s). The more you can find, the more you can hack.

site:*.$domain -www)

# Passive subdomain enumeration
dome.py -m passive -d $domain

# Active enumeration
dome.py -m active -d $domain

# Passively enumerate subdomains
sublist3r.py -d $domain

# Enumerate subdomains and utilize the 'brute force' module
sublist3r.py -b -d $domain

# Enumerate subdomains
dnsrecon -d $domain

# Enumerate subdomains and perform a zone transfer
dnsrecon -a -d $domain

# Retrieve the target domains ASN number
amass enum -d $domain

# Actively enumerate subdomains
gobuster dns --domain $domain --wordlist $wordlist

Basic usage

python3 NetblockTool.py -v [COMPANY]

Extract ranges owned by the target company’s subsidiaries

python3 NetblockTool.py -v Company -s