GooFuzz – Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target’s Server With Google Dorking

Credits Author: M3n0sD0n4ld Twitter: @David_Uton Description: GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. Download and install: $ git clone https://github.com/m3n0sd0n4ld/GooFuzz.git$ cd GooFuzz$ chmod +x GooFuzz$ ./GooFuzz -h Use: Menu Lists files by extensionsRead More

Dome – Fast And Reliable Python Script That Makes Active And/Or Passive Scan To Obtain Subdomains And Search For Open Ports

Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. This tool is recommended for bug bounty hunters and pentester in their reconnaissance phase. the more surface area exposed the faster a rock with break down If you wantRead More

Tko-Subs – A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records

This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to a CMS provider (Heroku, Github, Shopify, Amazon S3, Amazon CloudFront, etc.) that can be taken over. a dangling CNAME pointing to a non-existent domain name one or more wrong/typoed NS records pointing to a nameserverRead More

AnalyticsRelationships – Get Related Domains / Subdomains By Looking At Google Analytics IDs

subdomains by looking at Google Analytics IDs > Python/GO versions > By @JosueEncinar “> > Get related domains / subdomains by looking at Google Analytics IDs> Python/GO versions> By @JosueEncinar This script try to get related domains / subdomains by looking at Google Analytics IDs from a URL. First search for ID of Google AnalyticsRead More

Subcert – An Subdomain Enumeration Tool, That Finds All The Subdomains From Certificate Transparency Logs

Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Setup Step 1: Install Python 3 apt-get install python3-pip Step 2: Clone the Repository git clone https://github.com/A3h1nt/Subcert.git Step 3: Install Dependencies pip3 install -r requirements.txt Step 4: Move the Directory to /opt mv subcert /opt/ Step 5: Add anRead More

Garud – An Automation Tool That Scans Sub-Domains, Sub-Domain Takeover And Then Filters Out XSS, SSTI, SSRF And More Injection Point Parameters

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps with 1VCPU and 2GB ram. Tools used – You must need to install these tools to use this script SubFinderRead More

URLBrute – Tool To Brute Website Sub-Domains And Dirs

What is thisURLBrute is a tool to help you brute forcing website sub-domains and dirs.Can be used with python3 and python2.Dependencies urlbrute.py requests >= 2.21.0 bs4 >= 0.0.1 datetime >= 4.3 How to installIn Linux: chmod +x install.shsudo ./install.sh In Windows, install python 3.7, then run cmd as administrator: install.bat CreditsCredits to danTaler who createdRead More

shuffleDNS – Wrapper Around Massdns Written In Go That Allows You To Enumerate Valid Subdomains

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.Based on the work on massdns project by @blechschmidt.Features Simple and modular code base making it easy to contribute. Fast And Simple active subdomain scanning.Read More

Subfinder – A Subdomain Discovery Tool That Discovers Valid Subdomains For Websites

subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only – passive subdomain enumeration, and it does that very well.We have designed subfinder to comply with all passive sourcesRead More

X