Fierce is an open source active recon tool to enumerate sub domains of a target website. This tool was written by Robert (RSnake) Hansen and comes pre-installed by default in Kali Linux.
The Fierce Perl script applies techniques such as zone transfer and wordlist brute-forcing to find subdomains of the target domain:
fierce -dns target.com
Let's run Fierce against
iitk.ac.in and see how it performs. It is shown in the following screenshot:
Voila, Fierce presented us with a list of subdomains. One thing to note is that Fierce enumerated the name servers of iitk.ac.in, and then tried to do a zone transfer on each. Luckily one of the name servers ...