SecPlusTrainer / Glossary / What is subdomain enumeration?
D9 · PenTest+

What is subdomain enumeration?

Subdomain enumeration discovers all subdomains of a target domain — revealing forgotten servers, dev environments, internal tools, and attack surface. Tools: Amass, dnsx, sublist3r, certificate transparency logs.
Certificate transparency logs reveal subdomains without scanning. Forgotten subdomains (old.company.com, dev.company.com) often have weaker security. Regular attack surface management should include subdomain enumeration of your own domains.

Related Terms

What is banner grabbing? What is enumeration in cybersecurity? What is OSINT (Open Source Intelligence)? What is passive reconnaissance?
← Back to Glossary Practice Questions →