Posted by : moamjad

 Subdomain Enumeration — TryHackMe Walkthrough 2022 | by Pratik Dhavade |  System Weakness


 # Finding subdomains used by the target organization is an effective way to increase the attack surface and discover more vulnerabilities.  
 # The script will use a list of potential subdomains and prepends them to the domain name provided via a command-line argument.  
 # The script then tries to connect to the subdomains and assumes the ones that accept the connection exist.  
 
import requests      #The requests module allows you to send HTTP requests using Python. 
import sys              # The sys module provides functions and variables which are used to manipulate different parts of the Python Runtime Environment. It lets us access system-specific parameters and functions 

#make a subdomain list and read it 

sub_list = open("subdomains.txt").read() 
subdoms = sub_list.splitlines() 					# The splitlines() method splits a string into a list. The splitting is done at line breaks. 

# Create For loop to take the list of subdomains (subdomains)  and run http request  

for sub in subdoms:
    sub_domains = f"http://{sub}.{sys.argv[1]}" 

    try:
        requests.get(sub_domains)    	 			#make a GET Request 
    
    
    except requests.ConnectionError:  			# IF the Request  Failed then Pass 
        pass
    
    else:
        print("Valid domain: ",sub_domains)   
        

Leave a Reply

Subscribe to Posts | Subscribe to Comments

- Copyright © Quarks - Blogger Templates - Powered by Blogger - Designed by Johanes Djogan -