This is the process of gathering information about a target system or network. This information can be used to identify vulnerabilities, plan the attack, and assess the impact of the attack. If there are pages that can be found that shouldn’t be found by the user by crawling should also indicate weakness.
This is an automated tool that that can be used to enumerate subdomains of a target domain. Subdomains are often used by organizations to host applications with unpatched, critical vulnerabilities. A meticulous subdomain scan can help you get to these valuable findings much faster. Subdomain enumeration can give you insights into how an organization is structured, what services they offer, and so on
It will list subdomains as shown below.
crt.sh is a valuable tool for penetration testers and security analysts. It can be used to identify potential security vulnerabilities and to track the history of certificates for a particular domain. This information can be used to improve the security of websites and to protect users from malicious attacks. It shows service that may be running on the organization by the subdomains.
The subdomains and certificates will be listed as below.
Things to consider: