Revision as of 20:20, 11 February 2020 by Trumad (Created page with "I'm [https://thannymack.com/ Thanael]. It's high time I joined this wiki. <big>Here's a tip:</big> Steps for enumerating (sub)domains: * Visit [https://opendata.rapid7.com/...")
I'm Thanael. It's high time I joined this wiki.
Here's a tip:
Steps for enumerating (sub)domains:
- Visit Rapid7's Sonar project
- Download the large dataset ending with "fdns_any.json.gz"
- This can be done in linux/mac terminal with wget -c LINK_TO_FILE
- Use zgrep in terminal to find subdomains related to the domain you're interested in
- If you're looking for subdomains.blogspot.com, for example, use this command on the file:
- zgrep .blogspot.com R7Date_fdns_any.json.gz > blogspot.txt
- Wait quite a while until zgrep finishes, and then let's get to archiving all the subdomains!