Amass is an OWASP tool that can be used for both active and passive reconnaissance. This can be installed on Ubuntu by:
From a DOS or Powershell terminal:
wsl
Install amass at an Ubuntu command prompt:
sudo snap install amass
Download the default config.ini file and save to the default Amass config file location.
mkdir -p ~/.config/amass
curl https://raw.githubusercontent.com/OWASP/Amass/master/examples/datasources.yaml >$HOME/.config/amass/datasources.yaml
Perform dns passive reconnaissance. This may take a few minutes to return.
amass enum --passive -d owasp-juice.shop
This returns:
sponsor.owasp-juice.shop
help.owasp-juice.shop
www.owasp-juice.shop
owasp-juice.shop
stats.owasp-juice.shop
preview.owasp-juice.shop
pwning.owasp-juice.shop
demo.owasp-juice.shop
localchromeos.owasp-juice.shop
slides.owasp-juice.shop
intro.owasp-juice.shop
local3000.owasp-juice.shop
localmac.owasp-juice.shop
local4200.owasp-juice.shop