Network Information

MITRE ATT&CK, Reconnaissance, Technique T1590

PreviousIdentifying Users NextSearch Engines

Last updated 1 year ago

Network Information

MITRE ATT&CK, Reconnaissance, Technique T1590

DNS Information

Subdomain enumeration is the process of finding valid resolvable subdomains for a companies domain(s). The more you can find, the more you can hack.

Google Dork

site:*.$domain -www)

Dome

# Passive subdomain enumeration
dome.py -m passive -d $domain

# Active enumeration
dome.py -m active -d $domain

Sublist3r

# Passively enumerate subdomains
sublist3r.py -d $domain

# Enumerate subdomains and utilize the 'brute force' module
sublist3r.py -b -d $domain

DNSRecon

# Enumerate subdomains
dnsrecon -d $domain

# Enumerate subdomains and perform a zone transfer
dnsrecon -a -d $domain

Amass

# Retrieve the target domains ASN number
amass enum -d $domain

Gobuster

# Actively enumerate subdomains
gobuster dns --domain $domain --wordlist $wordlist

IP Addresses

Hurricane Electric Internet Services

SecurityTrails

NetBlockTool

Basic usage

python3 NetblockTool.py -v [COMPANY]

Extract ranges owned by the target company’s subsidiaries

python3 NetblockTool.py -v Company -s

Network Information

Network Information

DNS Information

Google Dork

Dome

Sublist3r

DNSRecon

Amass

Gobuster

IP Addresses

Hurricane Electric Internet Services

SecurityTrails

NetBlockTool

References

References

DNS Information

IP Addresses

DNS Information

Google Dork

Dome

Sublist3r

DNSRecon

Amass

Gobuster

IP Addresses

Hurricane Electric Internet Services

SecurityTrails

NetBlockTool

References

References

DNS Information

IP Addresses