Enumerate Hostnames via Root Domain DNS Brute Force
Enumerate subdomains of a list of domains via DNS brute force
Outputs
subdomainssubdomain-details
Enumerate Hostnames via Root Domain DNS Brute Force
Description
Enumerate subdomains of a list of domains via DNS brute force. The module uses an effective built-in subdomain enumeration wordlist and provides the option to provide a custom list tailored to your organization’s naming conventions. For accuracy and reliability, it relies on a daily updated list of DNS resolvers and cross-checks findings with a curated set of trusted resolvers. Additionally, it includes a wildcard filter to weed out any false positives.
Features
- Built-in wordlist with an option to use a custom one tailored to your target.
- A daily validated list of resolvers to ensure accuracy.
- Result verification using manually curated trusted resolvers.
- A wildcard filter takes care of false positives.
- Can enumerate thousands of domains simultaneously.
Inputs
Required
- domains: a list of domain names
Optional
- wordlist: a custom subdomain enumeration wordlist
Outputs
- subdomains: a list of found subdomains
- subdomain-details: JSONLines records of subdomain discovery details.
Changelog
- v1.0.0
- Initial release
- v1.0.1
- Improve wildcard filtering