Archive for May 29th, 2010

During the Information Gathering section of a pentest, we are interested in finding out the various sub-domains of our target domain. In the past few tutorials we queried DNS servers using zone transfer requests or trying to retrieve entries using a dictionary & brute-forcing attacks. Another technique to figure out sub-domains is to query google and check if it has found any sub-domains during it’s web mining exercise on the target. Goorecon can do this. Goorecon was written by Carlos (Darkoperator) Perez.

Read the rest of this entry »

Tags: , , , , , , , ,

Comments 1 Comment »