Subdomain Enumeration (Pentest)

Kali ini saya ndak cerita nabi-nabi lagi 😀 tetapi bahas tentang layanan dan perangkat lunak yang dapat digunakan untuk menemukan subdomain. Silahkan cek di Wikipedia apa itu subdomain? Atau bisa googling agar lebih yakin biar ndak tersesat. 😀
Subdomain yang tidak diproteksi sangat berbahaya, karena dapat dipakai penyusup untuk membypass proteksi keamanan.

Crt.sh
https://crt.sh

Cencys
https://cencys.io

Shodan
https://shodan.io

Pentest-Tools
https://pentest-tools.com

Detectify
https://detectify.com

DNSdumpster
https://dnsdumpster.com

Virustotal
https://virustotal.com

ImmuniWeb
https://immuniweb.com

Netcraft
https://searchdns.netcraft.com

Nmmapper
https://searchdns.netcraft.com

Spyse
https://spyse.com/

Sublist3r
https://github.com/aboul3la/Sublist3r/

git clone https://github.com/aboul3la/Sublist3r.git
cd sublist3r
./sublist3r.py -d NamaWebsite.com

CTFR
https://github.com/UnaPibaGeek/ctfr/

git clone https://github.com/UnaPibaGeek/ctfr.git
cd ctfr
pip3 install -r requirements.txt
python3 ctfr.py -d NamaWebsite.com

Knock
https://github.com/guelfoweb/knock/

git clone https://github.com/guelfoweb/knock.git
cd knock
pip install -r requirements.txt
chmod +x setup.py
python setup.py -h
python setup.py install
knockpy NamaWebsite.com

Nmap
https://nmap.org/

nmap -sV NamaWebsite.com –script dns-brute

12 Juli 2020 22.26 PM
RuangKerja memakai iMac 27″

Leave a Reply

Your email address will not be published. Required fields are marked *

3 + four =

Calendar

December  2020
Mon Tue Wed Thu Fri Sat Sun
   
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31