Scribd Logo
Upload

Welcome to Scribd!

  • Subdomain Enumeration Cheat Sheet: @yamakira

    Uploaded by

    Pramod Vishwakarma
    72 views1 page
    This document provides a cheat sheet for subdomain enumeration techniques including searching certificate transparency logs and DNS datasets, zone walking using NSEC and NSEC3 records, zone transfers, and installing related tools like ldnsutils and nsec3walker. It lists commands and resources for extracting subdomains, walking zones, performing zone transfers, and compiling nsec3walker to enumerate subdomains.

    Original Description:

    Original Title

    cheatsheet.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides a cheat sheet for subdomain enumeration techniques including searching certificate transparency logs and DNS datasets, zone walking using NSEC and NSEC3 records, zone transfers, and installing related tools like ldnsutils and nsec3walker. It lists commands and resources for extracting subdomains, walking zones, performing zone transfers, and compiling nsec3walker to enumerate subdomains.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    72 views1 page

    Subdomain Enumeration Cheat Sheet: @yamakira

    Uploaded by

    Pramod Vishwakarma
    This document provides a cheat sheet for subdomain enumeration techniques including searching certificate transparency logs and DNS datasets, zone walking using NSEC and NSEC3 records, zone transfers, and installing related tools like ldnsutils and nsec3walker. It lists commands and resources for extracting subdomains, walking zones, performing zone transfers, and compiling nsec3walker to enumerate subdomains.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 1

    Subdomain enumeration cheat sheet

    Certif​icate Transp​arency logs - search Zone walking - NSEC Zone walking - NSEC3 - nsec3w​alker
    engines
    $ ldns-walk @<n​ame​ser​ver> <do​mai​n> $ ./collect insecu​red​ns.com >
    https:​//c​rt.sh/ insecu​red​ns.c​om.co​llect
    $ ldns-walk @ns1.i​nse​cur​edn​s.com
    https:​//c​ens​ys.io/ insecu​red​ns.com $ ./unhash <
    https:​//g​oog​le.c​om​/tr​ans​par​enc​yre​por​t/h​ttp​s/ct/ insecu​red​ns.c​om.co​llect >
    Installing ldns utilities
    $ sudo apt-get install ldnsutils # insecu​red​ns.c​om.un​hash
    Extracting sub-do​mains from Rapid7 FDNS
    On Ubuntu​/De​bian Installing nsec3w​alker on Ubuntu 16.04:
    dataset
    $ yum install ldns # On $ wget
    $ zcat <da​tas​et_​nam​e> | jq -r 'if (.name |
    Redhat​/Ce​ntOS https:​//d​nsc​urv​e.o​rg/​nse​c3w​alk​er-​20
    test("​\\.e​xam​ple​\\.c​om​$")) then .name else
    1​012​23.t​ar.gz
    empty end'
    Zone transfer $ tar -xzf
    $ zcat 201702​04-​fdn​s.j​son.gz | jq -
    nsec3w​alk​er-​201​012​23.t​ar.gz
    $ dig AXFR @<n​ame​ser​ver> <do​mai​n>
    r 'if (.name |
    $ cd nsec3w​alk​er-​201​01223
    $ dig AXFR @ns1.i​nse​cur​edn​s.com
    test("​\\.e​xam​ple​\\.c​om​$")) then
    $ make
    insecu​red​ns.com
    .name else empty end'

    Rapid7 · Forward DNS dataset


    https:​//s​can​s.i​o/s​tud​y/s​ona​r.f​dns_v2

    Bharath
    @yamakira_
    appsecco.com

    You might also like