📕
The Red Book
  • 📕The Red Book
  • 🦳Stages of Ethical Hacking
    • 1️⃣Information Gathering
      • Active Information Gathering
        • DNS Zone Transfers
        • NMAP
        • netdiscover
        • sqlMap
        • Nikto
        • Shodan
        • RustScan
        • Amass
        • fping
      • Passive Information Gathering
        • Website Recon & Footprinting
        • Whois Enumeration
        • Netcraft
        • ⭐DNS
        • Identify if site is protected by firewall or proxy - wafw00f
        • Subdomain Enumeration - Sublist3r
        • ❌theHarvester (borked)
        • Email gathering
        • Leaked Password Databases
        • Certificates
    • 2️⃣Enumeration
      • SMB
        • Windows discover & Mount
        • NMAP Scripts
        • SMBMap
        • Samba with Linux
        • Dictionary Attack
      • FTP
      • SSH
      • HTTP
        • Subdomain
        • IIS
        • Apache
      • SQL
    • 3️⃣Vulnerability Assessment
      • Nessus
  • 💾System/Host Based Attacks
    • 🪟Windows
      • Frequently exploited Windows Services
    • 🐧Linux
  • 🥽Dorks
    • Google
      • Cheatsheet
      • Examples
    • Extra
  • 🎣Phishing
    • Gophish
    • evilgophish
    • King Phisher
    • EvilURL
  • 🔎OSINT
    • Temporary links
  • 👾Data exfiltration
    • Temporary links
  • 🐝OWASP
    • Top10
  • 📙Cheat Sheet
    • Curl
Powered by GitBook
On this page
  • Subfinder
  • Gospider
Edit on GitHub
  1. Stages of Ethical Hacking
  2. Enumeration
  3. HTTP

Subdomain

Subfinder

subfinder -d $TARGET -silent | httpx -silent -o url.txt

Gospider

gospider -d 0 -s "https://$DOMAIN" -c 5 -t 100 -d 5 --blacklist jpg,jpeg,gif,css,tif,tiff,png,ttf,woff,woff2,ico,pdf,svg,txt | grep -Eo '(http|https)://[^/"]+' | anew
PreviousHTTPNextIIS

Last updated 1 year ago

🦳
2️⃣