During an assessment, you want to enumerate subdomains without alerting target detection systems. Which approach balances thoroughness and stealth?

Use passive sources (CT logs, passive DNS), limited-rate queries to resolvers, and targeted brute-force only against likely names with randomized timing and the operator’s consent

Run a massive, multi-threaded brute-force against the authoritative server from many distributed IPs (no risk)

Use continuous AXFR attempts until it succeeds

Use DNS amplification queries to elicit responses faster