A penetration tester’s guide to sub-domain enumeration

by Bharath
Nov. 26, 2017 0 comments blog.appsecco.com Pen Testing & Audits

As a penetration tester or a bug bounty hunter, most of the times you are given a single domain or a set of domains when you start a security assessment. You’ll have to perform extensive reconnaissance to find interesting assets like servers, web applications, domains that belong to the target organisation so that you can increase your chances of finding vulnerabilities.