/bugcrowd-levelup-subdomain-enumeration

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Primary LanguagePython

Esoteric sub-domain enumeration techniques - Bugcrowd LevelUp

This repository contains all the talk materials, videos and scripts from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference.

  1. cheatsheet.pdf - cheat sheet on the sub-domain enumeration techniques covered in the talk
  2. cloudflare_enum.py - A script to do DNS enumeration using Cloudflare service
  3. crt_psql.sh - Extract sub-domains for a given domain using crt.sh postgres interface
  4. esoteric_subdomain_enumeration_techniques.pdf - Slides from the talk
  5. subdomain_enum_censys.py - Extract sub-domains for a given domain using Censys.io API
  6. subdomain_enum_crtsh.py - Extract sub-domains for a given domain using crt.sh RSS feed
  7. subdomain_wordlist.txt - A collection of sub-domain names(around 3 million)

Presentation

Slides are available at: https://speakerdeck.com/yamakira/esoteric-sub-domain-enumeration-techniques

Video

Video is available at: https://youtu.be/e_Gq99CKAys

Feedback/Suggestions

@yamakira