The Art of Subdomain Enumeration

What is this book about?

This book is intended as a reference for subdomain enumeration techniques. It discusses several subdomain enumeration techniques, the tooling around them, and mitigations. We will mostly look at things from an attacker's perspective, but we will also discuss defensive steps wherever possible.

Who this book is for?

The intended audience for this book is -

  1. Penetration testers, who would like to expand their arsenal with some interesting and effective enumeration techniques
  2. Bug bounty hunters that are looking for ways to enumerate more subdomains to increase their chance of finding bugs
  3. System administrators who are responsible for deploying/maintaining SSL/TLS, DNS or DNSSEC infrastructure

What you need for this book?

For most of the book, it doesn't matter which operating system you are running. However, some tools mentioned in this book run only on *nix systems, so it is preferable that the reader has access to a *nix system with enough privileges to install packages, so that they can install the necessary tools and follow along.

All the scripts mentioned in this book are available in the GitHub repo of this book -

Reader feedback

Feedback from readers is expected and appreciated. We are actively looking forward to improving the book. Let us know what you think about this book — what you liked or may have disliked. Reader feedback is important for us to develop more books.

If you find mistakes, omissions, errors or blatant lies in this document, please send me a refreshed version of the affected paragraph and I will make amended versions. I will give proper credits to everyone who helps out! I hope to make this document better over time.

You can provide feedback directly to the author via social media or raise an issue in the official GitHub repository for this book at

