Description:
In the Information Gathering stage of a pentest, we are interested in finding out the various sub-domains of our target domain. As we have seen in previous videos, querying DNS servers using zone transfer requests or trying to retrieve entries using a dictionary / brute-forcing attack, is a good start, but fails in most cases. Another alternate technique to figure out sub-domains is to query google and check if it has found any sub-domains during it's web mining exercise on the target.
Goorecon is just the tool we need in order to do this.
In this video, we will find the various publicly available sub-domains of Cnn.com using Goorecon. Goorecon is included in Backtrack 4.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: