Your organization is acquiring another company and needs a comprehensive security assessment of their digital assets.
Prerequisites: Target company domains, advanced ASM skills
# Set up M&A assessment
TARGET_COMPANY="AcquiredCorp"
DOMAINS="acquired.com,subsidiary.acquired.com"
MA_DIR="ma_assessment_${TARGET_COMPANY}_$(date +%Y%m%d)"
mkdir -p "$MA_DIR"/{discovery,analysis,reports,evidence}
cd "$MA_DIR"
# Create domain list
echo "$DOMAINS" | tr ',' '\n' > discovery/domains.txt
# Comprehensive subdomain discovery
while IFS= read -r domain; do
echo "🔍 Comprehensive discovery for: $domain"
# Multiple subdomain sources
subfinder -d "$domain" -all -silent > "discovery/${domain}_subfinder.txt"
amass enum -active -d "$domain" -brute -o "discovery/${domain}_amass.txt"
# Certificate transparency
curl -s "https://crt.sh/?q=%.${domain}&output=json" | jq -r '.[].name_value' | sort -u > "discovery/${domain}_ct.txt"
# DNS brute force
dnsrecon -d "$domain" -D /usr/share/wordlists/dnsmap.txt -t brt > "discovery/${domain}_dnsrecon.txt"
# Combine all sources
cat discovery/${domain}_*.txt | sort -u > "discovery/${domain}_all_subdomains.txt"
done < discovery/domains.txt
# Consolidate all findings
cat discovery/*_all_subdomains.txt | sort -u > discovery/all_assets.txt