What is DNS (Subdomain) Bruteforcing?

Nova Security

Mar 24, 2024 — 1 min read

What is DNS (Subdomain) Bruteforcing?

If you are an experience penetration tester, bug bounty hunter or have experience in web security, you probably have heard of DNS or Subdomain bruteforcing before.
It is a technique often used in the reconnaissance phase of your testing to further help map out your entire attack surface.

What is DNS (Subdomain) Bruteforcing?

DNS or Subdomain brute-forcing is a method of systematically checking possible subdomain names to reveal which ones are currently in use. This is done by sending DNS requests for potential subdomains and analyzing the responses. If a response indicates that a subdomain exists (i.e. returns a NOERROR DNS response), it is added to the list of discovered subdomains.

This technique is called "brute-forcing" because it involves trying a large number of possibilities in a systematic manner, similar to how one might brute-force a password by trying many different combinations. The list of potential subdomains can be generated using wordlists, which are text files containing a large number of possible subdomain names.

Nova Security Scanner now is able to perform DNS bruteforcing to further help you map out the real entire attack surface of your target.

Exploring Hidden Attack Surfaces: Performing Better Content Discovery

Exploring Hidden Attack Surfaces is a new blog post series curated by Nova Security for the community to help you on your way to discover any attack surfaces that most current tools are not capable of. Part 2 is dedicated to performing better content discovery so that you can have

What Is Targeted Bruteforcing?

Targeted bruteforcing in content discovery is a lesser-known and more sophisticated technique of bruteforcing. It is also a more effective approach and it likely also yields more accurate results. In content discovery, targeted bruteforcing consists of 2 separate steps. The first step is to identify the technologies used by the

What Is An Automated Web Security Audit?

An automated web security audit is a process of using scanners to scan (such as Nova Security Scanner) and test web applications for security vulnerabilities and misconfigurations. The goal of an automated web security audit is to identify and mitigate any potential security risks before they can be exploited by

Why Template-Based Scanning Is Gaining Popularity Among Enterprise Security Teams

Meanwhile, it is a fact that template-based scanning gained popularity among security teams as it is an easy, fast way to perform web security audits... We are going to cover the 3 main benefits of this automated scan type and, by the end of this article, also help you set

What is DNS (Subdomain) Bruteforcing?

Read more

Exploring Hidden Attack Surfaces: Performing Better Content Discovery

What Is Targeted Bruteforcing?

What Is An Automated Web Security Audit?

Why Template-Based Scanning Is Gaining Popularity Among Enterprise Security Teams