Enumeration

Enumeration is the process of finding sites/domains/paths that may be of interest

  • Passive
    • Artifacts
    • Google
    • DNS Dumpster
    • Domains with a shared SSL certificate
    • crt.sh
    • Wolfram Alpha
    • amass
  • Active
    • Brute force
    • Directory Enumeration
    • dirb
    • dirbuster
    • gobuster
    • DNS Enumeration
    • subbrute
    • sublist3r
    • fierce.pl
  • Other
    • altdns
    • dmut
    • gotator

Defense

  • Delete content that isn't necessary
  • Restrict access to non-hardened content
  • Test your applications, fix the bugs