dns

Iterative DNS Brute Forcing

Everyone has their list of hostnames they brute force domains with. In my last post I even mentioned a few ways to use one with XARGS or PARALLEL. But one fact about wordlist brute forcing is that there is no "one list to rule them all". But over the years of doing DNS record collection I have noticed one thing: most domains have a large number of short hostnames that are easy to remember, usual…


Hostname bruteforcing on the cheap

Quick update: As @MikeDamm points out, xargs has a -P option that can do the same thing I’m using parallel for. If you have a supported version of xargs you can use -P 0 to do the same thing as -j0 with parallel, but if your version doesn’t support the 0 you can simply use the same number parallel uses, à la: cat subdomains.txt | xargs -P 122 -I subdomain dig +noall subdomain.microsoft.…
