🩸
Pentesting Checklist
  • 👀General Checklist
    • 👁️Recon & Scanning
      • Nmap Scan
    • 🌡️Services
      • SSH
      • FTP
      • Samba
      • Git
      • SNMP
    • ⚙️Reverse Engineering
      • General
      • Android apks
      • Windows Exe or .net binaries
  • 🐞Web Application Checklist
    • 🧠Web App Attack Techniques
      • Password Smuggling Attack
    • 😍Fuzzing with ffuf
    • 💄Directory Fuzzing
      • Using the tools
      • Wordlists to use
    • 👾Subdomain Fuzzing
      • Normal fuzzing
      • Finding through DNS
    • 🎯LFI/RCE
      • LFI
        • What to do once obtained
      • RCE
      • Misc
  • ☕Linux Checklist
    • Page 2
  • 🪟Windows Checklist
    • 💀Windows Connection Methods
  • 🖇️Tips & Tricks
    • Transferring Files
      • 🐧Linux
      • 📸Windows
    • Pivoting / Lateral Movement Techniques
      • proxychains
      • chisel
      • sshuttle
      • ligolo-ng
    • 🧩Fuzzing
    • 🙃Credential Brute-Forcing
  • 🍒Other useful resources:
    • Page 7
Powered by GitBook
On this page
  1. Web Application Checklist

Subdomain Fuzzing

Directories are not the only ways systems can hide websites from you!

After finding a subdomain, make sure to add it to the /etc/hosts file and route it to the same ip as the normal site.

PreviousWordlists to useNextNormal fuzzing

Last updated 2 years ago

🐞
👾