Hello infosec community

I'm a developer interested in cybersecurity, OSINT, and reconnaissance tooling. Lately I've been spending time building small open-source tools in Python and learning more about how different recon techniques work in practice.

Most of my projects focus on things like subdomain discovery, endpoint extraction, and attack surface mapping. I'm still learning a lot and experimenting with different approaches.

Looking forward to connecting with other researchers and developers here and learning from the discussions in the community.

#CyberSecurity #OSINT #InfoSec

@Ruyynn interesting. How do you do subdomain discovery? Is it just checking against a possible list of subdomain string possibilities? Like checking for “staging” and “dev” and such?

@vicash

Good question. Not just wordlist brute forcing.

Usually it's a mix of passive discovery and some active techniques. Passive sources like certificate transparency logs and public datasets can reveal quite a few subdomains. After that, wordlist-based brute forcing helps catch common patterns like dev, staging, api, etc.

Another useful approach is analyzing JavaScript files and crawling public assets to extract additional endpoints or subdomain references.

Still exploring and refining different recon techniques.
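
The passive side of the reply above, as an added example (not code from either poster): merging names from certificate SAN lists with hostname references found in JavaScript into one in-scope inventory for a domain you own. The sample data, `example.com`, and all function names are constructed for illustration.

```python
import re

# Constructed sample data: SAN lists as they might appear in certificate
# transparency entries (one string per certificate), and a JavaScript fragment.
CT_SAN_ENTRIES = [
    "example.com\nwww.example.com",
    "*.staging.example.com\napi.example.com",
    "API.Example.com.\nexample.com.evil.test",  # look-alike name, out of scope
]
JS_SOURCE = """
const api = "https://api.example.com/v2/users";
fetch("//cdn-assets.example.com/app.js");
const docs = "https://docs.notexample.com/";   // different domain
const legacy = 'http://old.dev.example.com:8080/login';
"""

# Dotted hostname not preceded by another hostname character.
HOST_RE = re.compile(
    r"(?<![A-Za-z0-9.-])"
    r"((?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63})"
)

def normalize(name, apex):
    """Lower-case, drop wildcard and trailing dot; None if not under apex."""
    host = name.strip().lower().rstrip(".")
    if host.startswith("*."):
        host = host[2:]
    # Suffix match on a label boundary, so notexample.com and
    # example.com.evil.test are both rejected.
    if host == apex or host.endswith("." + apex):
        return host
    return None

def from_ct(entries, apex):
    names = (n for entry in entries for n in entry.splitlines())
    return {h for h in (normalize(n, apex) for n in names) if h}

def from_js(source, apex):
    return {h for h in (normalize(m, apex) for m in HOST_RE.findall(source)) if h}

def inventory(apex, ct_entries, js_source):
    """Map each in-scope hostname to the sources that revealed it."""
    ct, js = from_ct(ct_entries, apex), from_js(js_source, apex)
    return {host: [s for s, hit in (("ct", host in ct), ("js", host in js)) if hit]
            for host in sorted(ct | js)}

if __name__ == "__main__":
    for host, sources in inventory("example.com", CT_SAN_ENTRIES, JS_SOURCE).items():
        print(f"{host:28} {','.join(sources)}")
```

Hosts that show up only under `js` are the ones worth reviewing first in an asset inventory, since nothing in the certificate data would have flagged them.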