Hello everyone,
We are back again with another writeup. So first let’s talk about our recon process.
If you know about scope based Recon (Check our recon series Playlist 1 and Playlist 2). So one of the starting phase of recon is subdomain enumeration.
So First let me tell you how I used to do Subdomain Enumeration.
I love this part very much as I need not to sit on my computer and perform the tasks. I have made a bash script for that but also I can perform some of the tasks on my mobile phone.
You must have used or at least listened about Termux.
So it is a terminal emulator for Android device so you can change your mobile phone from a normal person’s mobile to a hackers mobile phone.
So first I used assetfinder
Then subfinder and amass
And there are many other too we will talk about them some other day.
I think you guys also use the same tools or the same methodology and these tools are working fine. But I got to know about a new tool that is bbot.
Before knowing about the tool let’s see what people are saying about this tool.
People are loving the tool.(You should also give it a try)
BBOT (Bighuge BLS OSINT Tool) is a recursive internet scanner inspired by Spiderfoot, but designed to be faster, more reliable, and friendlier to pentesters, bug bounty hunters, and developers.Special features include:Support for Multiple TargetsWeb ScreenshotsSuite of Offensive Web ModulesAI-powered Subdomain MutationsNative Output to Neo4j (and more)Python API + Developer Documentation
Comparison to Other Tools
BBOT consistently finds 20-50% more subdomains than other tools. The bigger the domain, the bigger the difference.
How the tool works?
For more info visit
I hope you enjoy this one and I see you next time 😉
Take care, happy hacking!
Comentários