mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-17 05:05:16 +03:00
1.5 KiB
1.5 KiB
Subdomain Enumeration Report Template
Engagement Details
- Target Domain: [domain]
- Date: [date]
- Assessor: [name]
- Scope: Passive subdomain enumeration only
Executive Summary
Performed passive subdomain enumeration against [domain] using Subfinder and complementary tools. Discovered [N] unique subdomains, of which [M] are live and responding to HTTP requests.
Methodology
- Passive subdomain enumeration using Subfinder with all available sources
- DNS resolution and validation using dnsx
- HTTP probing with httpx for live host identification
- CNAME analysis for subdomain takeover risk assessment
Results Summary
| Metric | Count |
|---|---|
| Total Subdomains Discovered | |
| Live HTTP Hosts | |
| Unique IP Addresses | |
| Subdomain Takeover Candidates | |
| Cloud-Hosted Subdomains |
Live Hosts
| Subdomain | IP Address | Status Code | Title | Technologies |
|---|---|---|---|---|
Subdomain Takeover Risks
| Subdomain | CNAME Target | Service | Risk Level |
|---|---|---|---|
Recommendations
- Remove dangling DNS records for decommissioned services
- Claim or remove CNAME records pointing to unclaimed cloud resources
- Restrict access to development and staging subdomains
- Implement continuous subdomain monitoring for new asset detection
- Review cloud service configurations for publicly accessible resources