COMPARATIVE ANALYSIS OF SUBDOMAIN ENUMERATION TOOLS AND STATIC CODE ANALYSIS

Authors:

G. Jaspher Kathrine, Ronnie T. Baby, V. Ebenzer

DOI NO:

https://doi.org/10.26782/jmcms.2020.06.00013

Keywords:

reconnaissance, web security, application security

Abstract

Reconnaissance, or footprinting, is the technique of gathering information about computer systems and the entities they belong to. To exploit any system, a hacker might use various tools and technologies. This information is very useful to a hacker who is trying to crack a whole system. Subdomain enumeration plays a vital role in reconnaissance. Enumerating subdomains provides important insight into the underlying architecture and makes it possible to find hidden user interfaces and admin panels. The less frequently used and less well known a domain name is, the fewer visitors the site receives. This creates a blind spot in which low-hanging vulnerabilities are easy to find. Some of the most popular tools used for recon on domains are Amass, Subfinder, KnockPy, altdns and Sublist3r. We have done a comparative study and analysis of the various functions of these tools on parameters such as uniqueness, accuracy and complexity, and conclude which of them works in certain scenarios, along with a static code analysis to find weak spots within the code infrastructure of each of the tools.

