diff --git a/README.md b/README.md
index f181d5d..e98232e 100644
--- a/README.md
+++ b/README.md
@@ -285,6 +285,9 @@ tftp {IP ADDRESS}
 gobuster dir -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://{RHOST}
 ffuf -ic -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u "http://{RHOST}/FUZZ"
 
+# Sub-Domain Enumeration
+ffuf -ic -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u "http://{RHOST}" -H "Host:FUZZ.{RHOST}"
+
 # Search File Extensions
 gobuster dir -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,cgi,pl,sh -u http://{RHOST} 
 ffuf -ic -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e '.html,.txt,.asp,.aspx' -u "http://{RHOST}/FUZZ"