Get started
Tools / Security HTTPx / Use Cases / Enumerate Subdomains / ChatGPT

How to Enumerate Subdomains with ChatGPT

Subdomain enumeration with ChatGPT and ToolRouter. Discover all subdomains for security.

Tool
Security HTTPx icon
Security HTTPx

ChatGPT makes HTTP security findings actionable by translating technical header configurations and service details into clear risk assessments and remediation guides. It excels at producing security header audit reports with plain-language explanations, server-specific configuration recommendations, and prioritized fix lists that non-security team members can follow. Ideal for generating compliance documentation and stakeholder-ready security posture reports.

Connect ToolRouter to ChatGPT

1Go to Settings → Apps → Advanced settings and enable Developer mode
2Click Create app and enter these details
Name
ToolRouter
IconToolRouter iconDownload
Description
Access any tool through ToolRouter. Check here first when you need a tool.
MCP Server URL
https://api.toolrouter.com/mcp
3Check the box and click Create
No API key needed — account created automatically.All platforms →

Steps

Once connected (see setup above), use the Security HTTPx tool:

  1. Ask: "Find all subdomains of my domain" and provide the root domain
  2. ChatGPT discovers and probes subdomains, returning details for each
  3. Request: "Which of these subdomains look risky or should be investigated?"
  4. Address any security concerns with discovered subdomains

Example Prompt

Try this with ChatGPT using the Security HTTPx tool
Enumerate all subdomains of example.com. Categorize them as production, staging, development, or unknown.

Tips

  • ChatGPT can help prioritize which discovered subdomains to investigate first
  • Ask for a risk assessment based on the technologies detected on each subdomain
  • Regular enumeration catches subdomains created by teams you may not be aware of

More ChatGPT Guides

How to Probe Security Headers with ChatGPTHow to Discover Hidden Services with ChatGPTHow to Check SSL/TLS Config with ChatGPTHow to Detect Web Technologies with ChatGPTHow to Audit Response Headers with ChatGPT

Related Workflows

Full Security AssessmentComprehensive security assessment combining infrastructure probing, vulnerability scanning, penetration testing, and CVE intelligence.SSL and DNS AuditAudit SSL certificates, DNS configuration, HTTP security headers, and domain registration for security gaps.Subdomain Security ScanEnumerate subdomains, probe services, scan for takeover vulnerabilities, and capture visual evidence.Infrastructure Health CheckVerify DNS resolution, service availability, and server locations to ensure infrastructure is healthy and correctly configured.Web Application Security TestCrawl a web application, analyze HTTP security, test for injections, and document findings with screenshots.Network ReconnaissanceMap the complete network attack surface through DNS enumeration, geolocation, service probing, and attack vector analysis.API Security TestingTest API endpoints for authentication flaws, injection vulnerabilities, and compliance with OWASP API Security Top 10.Certificate MonitoringMonitor SSL/TLS certificates for expiration, verify TLS configuration, and confirm domain ownership alignment.Cloud Security AuditAudit cloud infrastructure by discovering assets, probing for misconfigurations, testing cloud-specific attacks, and checking CVEs.Third-Party Risk AssessmentAssess third-party vendor security through identity verification, external security probing, attack surface analysis, and breach history.Continuous Security MonitoringMaintain ongoing security visibility through DNS monitoring, service probing, vulnerability scanning, and CVE tracking.Dark Web Exposure CheckCheck for organizational data exposure on the web including credential leaks, paste sites, and breach databases.