Hunting Subdomains Part 1

Sublist3r

Command 1:

sudo apt install sublist3r

Explanation:

  • sudo: Runs the command with superuser (administrator) privileges.

  • apt: This is the Advanced Package Tool, used on Debian-based Linux distributions like Ubuntu to manage software.

  • install: Tells apt to install the specified package.

  • sublist3r: The name of the tool you want to install.

This command installs Sublist3r, which is a Python-based tool designed for subdomain enumeration.

Command 2:

sublist3r -d tesla.com

Explanation:

  • sublist3r: Runs the Sublist3r tool.

  • -d: This option specifies the domain you want to enumerate subdomains for.

  • tesla.com: The target domain you're scanning.

This command searches for subdomains of tesla.com using public sources like:

  • Google

  • Yahoo

  • Bing

  • Netcraft

  • Virustotal

  • ThreatCrowd

  • DNSdumpster

  • and more.

What is Subdomain Enumeration?

Subdomain enumeration is the process of finding subdomains under a main domain (e.g., shop.tesla.com, service.tesla.com, etc.). It's commonly used in:

  • Reconnaissance during penetration testing

  • Bug bounty hunting

  • Security assessments

https://crt.sh/
PreviousHunting Breached Credentials with DeHashedNextHunting Subdomains Part 2

Last updated