Passive sub-domain enumeration

What is passive sub-domain enumeration?

  • Passive sub-domain enumeration is where an attacker/tester gathers sub-domain information without generating any traffic directly between him and the infrastructure managed by the target organization
  • The objective is to be stealthy and leave low or no footprint

List of passive sub-domain enumeration techniques

  1. Certificate Transparency
  2. Using search engines
  3. Using DNS aggregators
  4. ASN discovery
  5. Subject Alternate Name(SAN)
  6. Using public datasets
  7. DNS enum using Cloudflare

results matching ""

    No results matching ""