Analyze Domains and Subdomains: Step by Step Guide

Domains and subdomains can present vulnerabilities that allow your device to be infected with malware. For this reason it is important to analyze these elements of the URL to detect threats that could cause major problems on a computer.

This is why you need to know the types of vulnerability you can detect and the steps you must take to carry out this task. You will find this information in the following paragraphs of this article.

We will also show you a list of the best tools you can use to analyze websites and their hosting. Take a look so that you are always protected.

What kind of vulnerabilities can we detect by analyzing a domain and subdomain?

A URL is divided into three parts: the first is the data transmission protocol, and the second and third are the domain and subdomain, respectively. The protocol should be HTTPS, to avoid the communication between the device and the host being intercepted.

Regarding the domain and subdomain, you can find different types of vulnerabilities, many related to the DNS server, which we present below:

  • URL redirection: This attack is carried out through phishing, in which the victim is deceived by a graphical interface similar to that of the original site. In addition, a subdomain that was abandoned by the company that owns the domain is set up again to deceive people. The latter is what is known as subdomain rescue or subdomain takeover.
  • XSS attacks: This is similar to the previous case, but here the attacker's malicious code is placed in the domain or subdomain so that it runs when a person visits the page.
  • Clickjacking: This is usually used on Twitter and Facebook, and consists of redirecting users who click a link to a page different from the top-level website they wanted to visit. You can learn about this technique by analyzing the domain and subdomain presented by the referral button.

Learn step by step how to perform a complete analysis of a web domain

To perform a full domain scan you will have to use a third-party tool, which will help you carry out this task efficiently.

In this case we will use BrightCloud as an example:

Use BrightCloud on your computer

Download BrightCloud to your computer

The first thing you should do is open BrightCloud, the tool you are going to work with, on your device. To do this, type its URL into your browser's address bar.

Open BrightCloud and enter the domain

Once you have opened the platform, you will find a bar on the left side of the screen where you can enter the URL or IP address of the domain you want to examine. Type either of these two options and click Search for.

Examine the results

After completing the previous steps, you will see a result with information about the site's web reputation, its category and its influence. In this last section you can find the level of infections the site has had in the last 12 months. Check this last figure to decide whether the site you want to visit is reliable.

List of the best tools to analyze websites and their hosts

Below is a list of the best tools for analyzing websites and their hosting quickly and safely.

Choose the one that best suits your needs:

This is a Mozilla Firefox platform, offered free of charge, for analyzing any website. The steps are very simple: enter the URL and click the button to start the audit. In a few seconds you will see four tabs that detail the HTTP protocol results, with a list of the tests that were carried out and the reasons for the score assigned by the system.

With this you can improve the server headers and review the grade history. In another tab you can find TLS-related data, so you can analyze the certificate information and the cipher suites. You will also find the encryption preferences and the suggestions the platform offers. In the last tabs you will find all the analysis on SSH, but bear in mind that if the site has a firewall installed that blocks access, you will not be able to find information of this type.

This platform offers solutions originating from DevSecOps to test any website. The procedure is simple and lets you visualize risks and threats in real time, based on artificial-intelligence compliance testing.

You will find results that give you a score related to the DDS, the email servers and the subdomains of the analyzed page. You will also be able to see the SSL certificate, the signature algorithm it uses and its PCI DSS compliance.

Just by entering the domain of the website you will find information on the redirect from HTTP to HTTPS, the support for these security mechanisms across its domains, and the HSTS headers.

In this way you will analyze gTLD, ccTLD and public suffix domains to ensure TLD-level security. This will allow you to browse that web page with complete peace of mind, since its domains and subdomains present no risk. Finally, if you own the analyzed website, you will find recommendations to strengthen your security and that of the visitors who enter the page.
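What a check of the HTTP-to-HTTPS redirect and the HSTS headers actually inspects, as an added example that is not part of the original article or of any tool it lists. The function names, the six-month max-age threshold and the example.test responses are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit
MIN_MAX_AGE = 15768000  # assumed threshold (about six months), not from the article

def parse_hsts(value):
    """Parse a Strict-Transport-Security value into its directives."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            try:
                policy["max_age"] = int(arg.strip().strip('"'))
            except ValueError:
                pass  # a malformed max-age is treated as absent
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy

def audit(chain):
    """chain: (url, status, lowercase-header dict) hops, starting at http://."""
    findings = []
    first_url, status, headers = chain[0]
    start, target = urlsplit(first_url), urlsplit(headers.get("location", ""))
    if status not in (301, 302, 307, 308) or target.scheme != "https":
        findings.append("no-https-redirect")
    elif target.hostname != start.hostname:
        # HSTS is per host: upgrade on the same host before moving elsewhere
        findings.append("redirect-changes-host")
    if any(urlsplit(u).scheme == "http" for u, _, _ in chain[1:]):
        findings.append("downgrade-in-chain")
    final_url, _, final_headers = chain[-1]
    hsts = final_headers.get("strict-transport-security")
    if urlsplit(final_url).scheme != "https" or hsts is None:
        findings.append("hsts-missing")
    else:
        policy = parse_hsts(hsts)
        if policy["max_age"] is None or policy["max_age"] < MIN_MAX_AGE:
            findings.append("hsts-max-age-short")
        if not policy["include_subdomains"]:
            findings.append("hsts-no-includesubdomains")
    return findings

# Constructed sample chains (example.test is a placeholder domain)
GOOD = [("http://example.test/", 301, {"location": "https://example.test/"}),
        ("https://example.test/", 200, {"strict-transport-security": "max-age=31536000; includeSubDomains"})]
WEAK = [("http://shop.example.test/", 302, {"location": "https://www.example.test/"}),
        ("https://www.example.test/", 200, {"strict-transport-security": "max-age=3600"})]
print(audit(GOOD), audit(WEAK))
```

To audit a live site, record each hop's URL, status code and response headers with any HTTP client that does not follow redirects automatically, and pass the list to audit().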


This tool is much more limited than the previous ones, but it gives faster results if you want to know whether a URL or an IP address contains malware that compromises your privacy. What this platform does is compare the data you enter with a list of malicious websites. If the result is negative it will not tell you anything, so be careful if you think you may have entered any data incorrectly.

If you want to know the security information of a server, you will have to test its certificate and the configuration of the site to learn all the details involved. For this you will need a tool like Qualys, which allows you to perform a complete audit of a domain in just a few steps.

You only need to enter the host name to see the security protocol, the algorithm used in the certificate, and the TLS and SSL configuration. You will also have the option to analyze the miscellaneous section and the requirements of the HTTP server.

