[Owasp-Mumbai] Subdomain hunting

[Teccoder]

Hey,

I have recently been working on a project that concentrates on using 
many different techniques to find hidden sub-domains. I have written up 
a POC in perl, and while testing it on most websites, I ended up finding 
many admin and other internal sub domains.

I was just wondering how many other pen testers have been looking for 
sub domains and what your experience has been. Also if we have any 
webmasters here, send me link to networks you manage and I'll run a scan 
on your network with my POC. You can let me know how accurate it was and 
how many sub domains it missed.

Best Regards,
Yash Kadakia