- Download Burp Suite
- Run in terminal
java -jar burpsuite_community_v1.7.36.jar
- Scope --> Use advansed scope control --> Add --> host or IP range == target
- Select all host in sitemap and Spider.
- Do it again and again if new hosts are noticed.
- Collect new subdimains which is not detected by spider. in request | response body.
(http[s]?:\/\/)?((-)?[\w+\.]){1,20}domain\.com
Note: click + button and check regex && Auto-scroll to match when text changes
