Fierce
Fierce is an open source active recon tool to enumerate sub domains of a target website. This tool was written by Robert (RSnake) Hansen and comes pre-installed by default in Kali Linux.
The Fierce Perl script applies techniques such as zone transfer and wordlist brute-forcing to find subdomains of the target domain:
fierce -dns target.comLet's run Fierce against iitk.ac.in and see how it performs. It is shown in the following screenshot:
Voila, Fierce presented us with a list of subdomains. One thing to note is that Fierce enumerated the name servers of iitk.ac.in, and then tried to do a zone transfer on each. Luckily one of the name servers ...
Get Mastering Modern Web Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
