Subdomain discovering as an essential part of the reconnaissance phase
2019-02-02, 11:40–13:10, Innohub (

In this presentation, I will talk about: DNS, DNS scrapping, DNS enumeration, and subdomain takeover.

As a penetration tester or a bug bounty hunter, most of the times you are given a single domain or a set of domains when you start a security assessment. You’ll have to perform extensive reconnaissance to find interesting assets like servers, web applications, domains that belong to the target organization so that you can increase your chances of finding vulnerabilities.

  • Linux based os (Kali Linux is Ok)
  • API Keys for: VirusTotal, Censys (use
  • Good mood
Telegeram channel