Back to Introduction
Low Risk
Wiki Entry
Subdomain Enumeration Possible
Your domain has subdomains that could be enumerated, potentially revealing internal infrastructure.
Why This Matters
Attackers can discover hidden subdomains to find vulnerable services, admin panels, or development environments that shouldn't be publicly accessible.
How to Fix
Framework-specific solutions and general best practices
Use wildcard DNS certificates to prevent subdomain enumeration. Ensure all subdomains are necessary and properly secured. Consider using different domains for internal services.
Quick Reference
Severity
Low Risk
ID
subdomain_enumeration_riskAI Assistant Prompt
Copy this prompt to ask an AI for help fixing this vulnerability:
Please fix the "Subdomain Enumeration Possible" security vulnerability in this web application. The issue is: Your domain has subdomains that could be enumerated, potentially revealing internal infrastructure. Make a plan and implement based on my project.