Working with Assetfinder Tool
Example 1 :
assetfinder w3wiki.org
In the below screenshot our target domain is w3wiki.org we are trying to find the possible subdomains which are associated with the parent domain w3wiki.org. No extra flags or tags are provided while scanning. So assetfinder will find all the domains + subdomains.
Example 2: Only subdomains –subs-only
assetfinder --subs-only w3wiki.org
In this example, the –subs-only tag is provided which has the meaning of finding only the subdomains of the inputted domain. In the below screenshot, we have passed the –subs-only with the w3wiki.org domain, so assetfinder will only fetch the subdomains of w3wiki.org. No associated domains will be retrieved.
Example 3: Only subdomains –subs-only on uber.com
assetfinder --subs-only uber.com
In this example, our target domain is uber.com and the –subs-only tag is provided which has the meaning of finding only the subdomains of the inputted domain. In the below screenshot, we have passed the –subs-only with the uber.com domain, so assetfinder will only fetch the subdomains of uber.com. No associated domains will be retrieved.
Example 4: Only subdomains –subs-only on tesla.com
assetfinder --subs-only tesla.com
In this example, our target domain is tesla.com and the –subs-only tag is provided which has the meaning of finding only the subdomains of the inputted domain. In the below screenshot, we have passed the –subs-only with the tesla.com domain, so assetfinder will only fetch the subdomains of tesla.com No associated domains will be retrieved.
Assetfinder tool is the fastest tool to return the subdomains of the target domain. You can add this tool to your Web App Penetration Testing Toolkit.
Assetfinder – Find domains and subdomains related to a given domain
Approaching our target is very important while testing a web-based application. Suppose the scope of the target is large, then rather than testing the main domain every researcher should go with associated subdomains, as sometimes these subdomains can be vulnerable to many new vulnerabilities like XSS, SQL, CSRF, etc. So to get more number of related subdomains of your target, we need to have a strong and potential script that will automate our work and return a list of subdomains. So assetfinder is the tool that will help to get subdomains of our target. Assetfinder is a Golang language-based tool used to get potential subdomains of our target domain.
Note: As Assetfinder is a Golang language-based tool, so you need to have a Golang environment on your system. So check this link to install Golang in your system – How to Install Go Programming Language in Linux