Recon - Subdomain Enumeration Playground

Bootcamp: Rapid Threat Modeling with GenAI & LLMs - June 6-7, 2024. Only 12 seats left - Secure your spot!
Learning Path
Offensive Security
Ideal for
Security Architect
Security Engineer
Cloud Labs

Reconnaissance or information gathering is one of the least ‘glamorous’ parts of a hacker’s playbook, but in many ways is the most important. Subdomain enumeration—identifying all the subdomains of a given domain—is a way for attackers to find potential targets to exploit or misconfigured DNS entries.

This Playground is all about using various recon techniques to perform subdomain enumeration. We start by looking at passive enumeration, where attackers make use of publicly available data and query DNS records. Next, you’ll learn active subdomain enumeration, where you’ll be sending requests and directly interacting with the web application.

Using a host of permutations, we’ll be learning all these techniques using hands-on labs. This being a Playground, you’ll have a sandbox-style environment where you can play around with the code and freely attempt exploits of your own on the network.

You might also like these courses

Or explore these Learning Paths


Passive Subdomain Enumeration

Active Subdomain Enumeration

Active Subdomain Enumeration With Permutations

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started

Contact Support

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023