Normal fuzzing

fuzzing with usual fuzzing tools

  • For this to work, add the normal domain (Ex: apple.htb) to /etc/hosts and route to the ip

    • wfuzz -H 'Host: FUZZ.domain' -u 'domain' -w /usr/share/seclists/Discovery/DNS/combined_subdomains.txt -f subdomains.txt

      • Figure out what it repeats under word category and rerun the command adding in the option —hw num_of_words

PreviousSubdomain FuzzingNextFinding through DNS

Last updated