See Recon
Enumerating subdomains is vital for attack surface mapping. A huge amount of tools and methods exist for this, such as visiting crt.sharrow-up-right or using Gobuster. I recommend using a blend of tools/sources, such as:
Subfinderarrow-up-right
GoBusterarrow-up-right (DNS Mode)
Sublist3rarrow-up-right
Use a port scanner (like RustScan) to scan targets and Gowitness to triage hosted web applications for investigation.
Last updated 5 months ago