Background
If you need to map out an organisation’s external facing assets, Dnsdumpster.com is a great resource. This website allows you to see all of the domains and IP addresses that are associated with a particular website. This can be really helpful in understanding how an organisation’s online presence is structured.
To use Dnsdumpster.com, simply enter the website’s URL into the search bar. The website will then show you all of the domains and IP addresses that are associated with that URL. You can also export the data to a CSV file for further analysis.
This website is a great way to passively map out an organisation’s external assets.
Story
During an ethical hacking engagement, I found an interesting open source tool called dnsdumpster. It allows you to easily lookup DNS records for a domain. I decided to use it to perform a reconnaissance on the target domain. I was able to find several DNS records that I was not expecting, including an email server and a web server. This information was very useful in furthering my analysis of the target domain.
Exercise
Use dnsdumpster.com to passively map an organisation’s external facing assets.
Record yourself doing the work and submit your video for review.