Tag: Evaluation
-
Certificate Discovery: Subdomain Enumeration
In the ever-expanding landscape of cybersecurity, subdomain enumeration remains a pivotal aspect of reconnaissance. Traditional methods often involve brute-force or dictionary attacks, but a more sophisticated approach involves querying certificate transparency logs provided by services like crt.sh and Censys.io. In this article, we’ll explore the rationale behind using certificate records for subdomain enumeration, understand the…