SubDomain Enumeration With fierce Tool-Backtrack 5 R3

Introduction


Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It's really meant as a precursor to nmap, unicornscan, nessus, nikto, etc., since all of those require that you already know what IP space you are looking for. It does not perform exploitation and does not scan the whole internet indiscriminately. It is meant specifically to locate likely targets both inside and outside a corporate network. Because it primarily uses DNS, you will often find misconfigured networks that leak internal address space. That's especially useful in targeted malware.


Procedure Of Using This Tool


How To Open It :-





    • To open it, go to Backtrack >> Information Gathering >> Network Analysis >> DNS Analysis >> fierce. Or open it from a terminal: type "cd /pentest/enumeration/dns/fierce" and hit Enter.



 



Simple Usage:-




  • To use this tool, run the command ./fierce.pl -dns <domain>


 



What Happens If Zone Transfer Fails :-




  • If the zone transfer fails, fierce will automatically start brute-forcing the domain.



 

 

Usage With Options:-

  • To run fierce with an option, type ./fierce.pl -dns <domain name> <option>. One example: ./fierce.pl -dns xyz.com -wordlist <wordlist path>
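
The leak described in the introduction can be checked from the defender's side against an export of your own zone. The Python below is an added example, not part of the original tutorial or of fierce; the zone lines, the wordlist and the function names are constructed for illustration. It flags A records that publish internal address space and marks which of them a wordlist brute force would find even with zone transfers refused.

```python
import ipaddress

# Constructed sample: "name TTL IN A address" lines from a public zone export.
SAMPLE_ZONE = """\
www.example.com.      3600 IN A 203.0.113.10
vpn.example.com.      3600 IN A 10.20.0.5
intranet.example.com. 3600 IN A 192.168.1.15
build7.example.com.   3600 IN A 172.16.4.9
broken.example.com.   3600 IN A 999.1.1.1
; comment line
example.com.          3600 IN NS ns1.example.com.
"""
# Constructed stand-in for a brute-force wordlist (one label per entry).
SAMPLE_WORDLIST = ["www", "mail", "vpn", "intranet", "ftp", "dev"]

# Address space that should not appear in a public zone.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def parse_a_records(zone_text):
    """Yield (fqdn, IPv4Address) for each well-formed A record line."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing comments
        if len(fields) != 5 or fields[2].upper() != "IN" or fields[3].upper() != "A":
            continue
        try:
            yield fields[0].rstrip(".").lower(), ipaddress.IPv4Address(fields[4])
        except ipaddress.AddressValueError:
            continue  # malformed address, skip the record

def audit(zone_text, domain, wordlist):
    """Return (name, address, guessable) for records leaking internal space."""
    words = {w.lower() for w in wordlist}
    suffix = "." + domain.lower()
    findings = []
    for name, addr in parse_a_records(zone_text):
        if not any(addr in net for net in INTERNAL_NETS):
            continue
        label = name[:-len(suffix)] if name.endswith(suffix) else name
        findings.append((name, str(addr), label in words))
    return findings

if __name__ == "__main__":
    for name, addr, guessable in audit(SAMPLE_ZONE, "example.com", SAMPLE_WORDLIST):
        how = "in wordlist" if guessable else "not in wordlist"
        print(f"{name} -> {addr} ({how})")
```

Records reported as being in the wordlist stay discoverable after zone transfers are restricted, so the fix for those is to remove them from the public zone or serve them only from an internal view.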


 



Conclusion :-


In this tutorial we have learned how to enumerate subdomains using the fierce tool. Feel free to ask if you have any questions.


This tutorial is only for educational purposes. I'm not responsible for any type of illegal activity done by you.
