-->

ABOUT US

Our development agency is committed to providing you the best service.

OUR TEAM

The awesome people behind our brand ... and their life motto.

  • Kumar Atul Jaiswal

    Ethical Hacker

    Hacking is a Speed of Innovation And Technology with Romance.

  • Kumar Atul Jaiswal

    CEO Of Hacking Truth

    Loopholes are every major Security,Just need to Understand it well.

  • Kumar Atul Jaiswal

    Web Developer

    Techonology is the best way to Change Everything, like Mindset Goal.

OUR SKILLS

We pride ourselves with strong, flexible and top notch skills.

Marketing

Development 90%
Design 80%
Marketing 70%

Websites

Development 90%
Design 80%
Marketing 70%

PR

Development 90%
Design 80%
Marketing 70%

ACHIEVEMENTS

We help our clients integrate, analyze, and use their data to improve their business.

150

GREAT PROJECTS

300

HAPPY CLIENTS

650

COFFEES DRUNK

1568

FACEBOOK LIKES

STRATEGY & CREATIVITY

Phasellus iaculis dolor nec urna nullam. Vivamus mattis blandit porttitor nullam.

PORTFOLIO

We pride ourselves on bringing a fresh perspective and effective marketing to each project.

Showing posts with label Vertical and Horizontal Domain Co-Relation. Show all posts
Showing posts with label Vertical and Horizontal Domain Co-Relation. Show all posts
  • Vertical and Horizontal Domain Co-Relation

     

    Vertical and Horizontal Domain Co-Relation

     

     

    Vertical and Horizontal Domain Co-Relation 


    There is something also known as sub-sub domain.

    To understand about subdomain enumeration so you will see how you can enumerate a subdomains what is the difference between a vertical doing co-relation and horizontal domain co-relation so that is something which is also known as sub-sub domain that we discussed about in the previous blog so let's quickly understand about vertical domain co-relation so all sub domains of a domain for example let's say google.com so one of the sub domains of google.com will be match start google.com this is example of vertical domain correlation which means any subdomain of a particular base domain or top level domain where is in horizontal domain correlation if contains the acquisitions of the top level domain of the base domain for example google.cz, youtube.com, blogger.com all of these are the products of Google which means they are some other way connected to the base domain with the top of the organisation which basically means anything that aquired by google as a entity is considered to be horizontal domain co-relation now is it really important or would that to identify security flaws into the acquisitions by any parent organisation.


    Vertical Domain Co-relation


    All the subdomain of a domain of google.com (maps.google.com) -> All subdomain of a particular base domain.


    Horizontal Domain Co-relation


    Acquisitions of, google.cz, youtube.com, blogger.com -> anything that is acquired by google as entity.


     

    Yes there are many examples of bug bounty programs where an acquisitions are also considered to be an scope for instance Facebook is a runs about bounty program Facebook runs a bug bounty program which also includes on of it acquisitions similarly Google also includes all of it acquisitions into the bug bounty program similarly Apple also includes all the acquisitions under its bug bounty program and so on so as of now we have understood about vertical domain correlation, horizontal domain correlation so how do we actually identify these types of domains or sub-domains.


    There are some of the open source tools that can be used to identify this and we are going to use most of them into the next upcoming blog so I like to use a subfinder because it is written in go language and and because of its speed and con-currency it is considered to be one of the fastest tool to identify sub domains for any given target.


    There are multiple tools that can be used to identify some domains like Amass, Sublist3r, Aquatone or Knockpy but at the end the going to get the same results from all of them So, they basically want to save our time so we are going to use subfinder in the upcoming blog when we will identify multiple supplement in a lesser span of time.

     

    Subdomains for Recon


    Subfinder - https://github.com/subfinder/subfinder

    Amass - https://github.com/caffix/amass

    Sublister - https://github.com/aboul3la/Sublist3r

    Aquatone - https://github.com/michenriksen/aquatone

    Knockpy - https://github.com/guelfoweb/knock




     

     

    So in addition to the finder I also like to find subdomains manually because that is the time that we may get a new subdomain for any target for that we are going to use crt.sh which basically is the certificates transparency log in which if any new certificate has been assigned to a top level domain or its subdomain you are going to know about that.




    Second is censys.io which is in iot connected search engine from where we can also identify given sub domains for any target similar to censys is Shodan.io I run it is again internet-connected search engine where we can identify about multiple targets and their subdomains Google certificate transparency log is again the certificate lock from which we can identify the sub domains for any given target Facebook certificate transparency is similar like Google certificate transparency when we can identify subdomains based on the certificate blocks you can also identify sub domains using CSP Header you can also identify sub domain based on the DNS record by using view viewdns.info website, dnsdumpster.com as well as virustotal.com.

    I also like to find the subs manually from -

    crt.sh

    censys.io

    shodan.io

    Google certificate transparency

    Facebook certificate transparency

    CSP header

    viewdns.info

    dnsdumpster.com

    virustotal.com

     

     

    Disclaimer

     

    All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.



      - Hacking Truth by Kumar Atul Jaiswal


  • WHAT WE DO

    We've been developing corporate tailored services for clients for 30 years.

    CONTACT US

    For enquiries you can contact us in several different ways. Contact details are below.

    Hacking Truth.in

    • Street :Road Street 00
    • Person :Person
    • Phone :+045 123 755 755
    • Country :POLAND
    • Email :contact@heaven.com

    Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

    Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation.