Great explanation about subdomain enumeration as well as a cool tip about Aquatone for sifting through the results. Just subscribed and looking forward to more of your videos Sir!
Great stuff, the timestamps were helpful, but I do not understand the purpose of enumerating possible kinds of sub-domains for bug-bounty, what are the possible implications?
Each subdomain can point to a different host altogether. In addition to this, a single webserver can be configured with multiple virtual hosts, which allows it to display multiple websites (depending on which domain you go to).
I've been getting this question a lot lately -- maybe I'll do a whole video on that. Each port may have its own webserver virtual host configured to allow for multiple websites to run off the same box. This means that browsing to example(dot)com:80 might return a different webpage than example(dot)com:8080. Likewise, sub.example(dot)com:80 might return an additional different webpage, because subdomains may resolve to completely different IP addresses that take you to completely different machines. I hope this makes sense!
if i want to brute forcr subd for ex i want brute subdomains on: dev.test.com i want brute force on this subdomain to extract domains for ex: help.dev.test.com which way i can do that? thanks advanced
![The Wall Song ร้องข้ามกำแพง | EP.213 | กรีน อัษฎาพร | 3 ต.ค. 67 [1/5]](http://i.ytimg.com/vi/3KrlLbCsadI/mqdefault.jpg)
![เปิดบ้าน พี่ตูน Bodyslam หลังใหม่คนแรก ที่ภูเก็ต l [Nickynachat]](http://i.ytimg.com/vi/flFwcmyDQSk/mqdefault.jpg)
hands down best instructor ive come across, really great info thanks.
Great explanation about subdomain enumeration as well as a cool tip about Aquatone for sifting through the results. Just subscribed and looking forward to more of your videos Sir!
Glad it was helpful!
I really enjoy your way of presenting information. Thanks, dude!
That's awesome to hear -- thank you.
This is great education, thank you for sharing your knowledge with us in a fun way!
Thanks Justin, I'm glad you liked it!
very nice. the python server command at the end was excellent info! good job
that was such a good walkthrough, i learned quite a bit!
This is awesome to hear
Thankyou brother very good video .
You're like "im using vi u can use whatever u like" that flexing was EPIC! good video keep it up! Isnt it the same using Ffuf instead of wffuf?
Yeah I actually use ffuf now haha. Might make a new video showing it off.
Fantastic video. Very helpful indeed. thanks man! Subscibed and hit the bell.
Thanks for the sub!
Great content as always! Keep it up man
Thanks man!
Thank you very much 💝
Always welcome
I love you mahn,just discovered your channel and you've earned my sub 4sure.
Welcome aboard!
Great stuff, the timestamps were helpful, but I do not understand the purpose of enumerating possible kinds of sub-domains for bug-bounty, what are the possible implications?
Each subdomain can point to a different host altogether. In addition to this, a single webserver can be configured with multiple virtual hosts, which allows it to display multiple websites (depending on which domain you go to).
nice
Noob question: what we can do with different ports. For example if i came to know about 8080 port. How it is helpful for me when doing bug bounty?
I've been getting this question a lot lately -- maybe I'll do a whole video on that. Each port may have its own webserver virtual host configured to allow for multiple websites to run off the same box. This means that browsing to example(dot)com:80 might return a different webpage than example(dot)com:8080. Likewise, sub.example(dot)com:80 might return an additional different webpage, because subdomains may resolve to completely different IP addresses that take you to completely different machines. I hope this makes sense!
@@InfiniteLogins Thanks but i think a video is a good option to better understand this
i want this subdomain list
👍
how do i use my normal wordlists file
if i want to brute forcr subd for ex i want brute subdomains on:
dev.test.com
i want brute force on this subdomain to extract domains for ex:
help.dev.test.com
which way i can do that?
thanks advanced