Subdomain Enumeration:

Note:

• All the passive techniques will be covered by subdomain enumeration tools ex: subfinder, Amass etc.

• In order to cover the active enumeration, we need a good word lists and resolver list for finding the subdomains. Ex: massdns, puredns.