#Subdomain Enumeration
Explore tagged Tumblr posts
Visit Tumblr Blog
Explore Tumblr blogs with no restrictions, modern design and the best experience.
Last Seen Tumblr Blogs
Fun Fact
The Tumblr app for Google Glass was released on May 16, 2013.
Text
Subdomain Enumeration: A Complete Guide
Hey everyone, Welcome to pentestguy, In this article, we are going to focus on the subdomain enumeration in detail, but it will be in an automatic way where we are combining different tools and trying to gather subdomains as much as possible. Why is Subdomain Enumeration required? The answer to this question is simple, an organization may have different products/services for internal orโฆ
0 notes
Text
๐ฉ๐ปโ๐ป ๐ฐ๐๐๐๐๐๐๐ ๐๐ ๐๐๐๐๐๐๐๐๐ ๐๐๐ ๐๐ข๐๐๐๐๐๐๐๐๐๐๐ข ๐๐๐ ๐๐ ๐๐๐๐๐๐๐ ๐๐๐๐๐๐๐๐๐๐๐ ๐ ๐๐๐๐๐๐ ๐๐๐ ๐๐๐๐๐
AnyRun: cloud-based malware analysis service (sandbox).
Burp Suite: a proprietary software tool forย security assessment andย penetration testingย of web applications. La community edition, gratis, contiene Burp Proxy and Interceptor (intercetta le richieste effettuate dal browser, consente modifiche on-the-fly e di modificare le risposte; utile per testare applicazioni basate su javascript), Burp Site Map, Burp Logger and HTTP History, Burp Repeater (consente di replicare e modificare le richieste effettuate, aggiungere parametri, rimuoverli, ecc), Burp Decoder, Burp Sequencer, Burp Comparer, Burp Extender (estensioni delle funzionalitร di burpsuite, plugin specializzati per individuare bug specifici, automatizzare parte delle attivitร , ecc) e Burp Intruder (consente di iterare richieste con payload differenti e automatizzare attivitร di injection).
CyberChef: is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
DorkSearch: an AI-powered Google Dorking toolย that helps create effective search queries to uncover sensitive information on the internet.
FFUF: fast web fuzzer written in Go.
GrayHatWarfare: is a search engine that indexes publicly accessible Amazon S3 buckets. It helps users identify exposed cloud storage and potential security risks.
JoeSandbox: detects and analyzes potential malicious files and URLs on Windows, Mac OS, and Linux for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports.
Nikto: is aย free softwareย command-lineย vulnerability scannerย that scansย web serversย for dangerous files or CGIs, outdated server software and other problems.
Nuclei: is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Owasp Zap: Zed Attack Proxy (ZAP) by Checkmarx is a free, open-source penetration testing tool. ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known as a โmanipulator-in-the-middle proxy.โ It stands between the testerโs browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process.
PIA: aims to help data controllers build and demonstrate compliance to the GDPR. It facilitates carrying out a data protection impact assessment.
SecLists: is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SQLMAP: is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Subfinder: fast passive subdomain enumeration tool.
Triage: cloud-based sandbox analysis service to help cybersecurity professionals to analyse malicious files and prioritise incident alerts and accelerate alert triage.ย It allows for dynamic analysis of files (Windows, Linux, Mac, Android) in a secure environment, offering detailed reports on malware behavior, including malicious scoring.ย This service integrates with various cybersecurity tools and platforms, making it a valuable tool for incident response and threat hunting.ย
VirusTotal: analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.
Wayback Machine: is a digital archive of theย World Wide Webย founded byย Internet Archive. The service allows users to go "back in time" to see how websites looked in the past.
Wapiti: allows you to audit the security of your websites or web applications. It performs "black-box" scans of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like aย fuzzer, injecting payloads to see if a script is vulnerable.
WPScan: written for security professionals and blog maintainers to test the security of their WordPress websites.
โโโโโโโโโโโโโโโโโโโโโโโโ
๐ฉ๐ปโ๐ป๐๐๐๐-๐๐๐๐๐๐๐๐๐๐
flAWS: through a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS).
flAWS2: this game/tutorial teaches you AWS (Amazon Web Services) security concepts. The challenges are focused on AWS specific issues. You can be an attacker or a defender.
โโโโโโโโโโโโโโโโโโโโโโโโ
๐ฉ๐ปโ๐ป๐ฑ๐๐๐๐ ๐๐๐๐๐ ๐๐ ๐๐๐๐ ๐๐๐๐๐๐๐๐๐๐๐๐๐ ๐๐๐๐๐๐๐๐๐๐๐ ๐๐ ๐๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ ๐๐๐๐ ๐๐๐๐๐๐๐ฃ๐๐
http://testphp.vulnweb.com
0 notes
Text
A Comprehensive Guide to Bug Hunting
This guide provides a structured, step-by-step approach to bug hunting, focusing on reconnaissance, subdomain enumeration, live domain filtering, vulnerability scanning, and JavaScript analysis.
It incorporates essential tools like SecretFinder, Katana, GetJS, Nuclei, Mantra, Subjs, Grep, and Anew to enhance efficiency and coverage.
1. Initial Reconnaissance
Gather information about the target to identify IP blocks, ASNs, DNS records, and associated domains.
Tools and Techniques:
ARIN WHOIS: Lookup IP blocks and ownership details.
BGP.HE: Retrieve IP blocks, ASNs, and routing information.
ViewDNS.info: Check DNS history and reverse IP lookups.
MXToolbox: Analyze MX records and DNS configurations.
Whoxy: Perform WHOIS lookups for domain ownership.
Who.is: Retrieve domain registration details.
Whois.domaintools: Advanced WHOIS and historical data.
IPAddressGuide: Convert CIDR to IP ranges.
NSLookup: Identify nameservers.
BuiltWith: Discover technologies used on the target website.
Amass: Perform comprehensive information gathering (subdomains, IPs, etc.).
Shodan: Search for exposed devices and services.
Censys.io: Identify hosts and certificates.
Hunter.how: Find email addresses and domain-related data.
ZoomEye: Search for open ports and services.
Steps:
Identify the target domain and associated IP ranges.
Collect WHOIS data for ownership and registration details.
Map out nameservers and DNS records.
Use Amass to enumerate initial subdomains and IPs.
Leverage Shodan, Censys, and ZoomEye to find exposed services.
2. Subdomain Enumeration
Subdomains often expose vulnerabilities. The goal is to discover as many subdomains as possible, including sub-subdomains, and filter live ones.
Tools and Techniques:
Subfinder: Fast subdomain enumeration.
Amass: Advanced subdomain discovery.
Crt.sh: Extract subdomains from certificate transparency logs.
Sublist3r: Enumerate subdomains using multiple sources.
FFUF: Brute-force subdomains.
Chaos: Discover subdomains via ProjectDiscoveryโs dataset.
OneForAll: Comprehensive subdomain enumeration.
ShuffleDNS: High-speed subdomain brute-forcing (VPS recommended).
Katana: Crawl websites to extract subdomains and endpoints.
VirusTotal: Find subdomains via passive DNS.
Netcraft: Search DNS records for subdomains.
Anew: Remove duplicate entries from subdomain lists.
Httpx: Filter live subdomains.
EyeWitness: Take screenshots of live subdomains for visual analysis.
Steps:
Run Subfinder, Amass, Sublist3r, and OneForAll to collect subdomains.
Query Crt.sh and Chaos for additional subdomains.
Use FFUF and ShuffleDNS for brute-forcing (on a VPS for speed).
Crawl the target with Katana to extract subdomains from dynamic content.
Combine results into a single file and use Anew to remove duplicates: cat subdomains.txt | anew > unique_subdomains.txt
Filter live subdomains with Httpx: cat unique_subdomains.txt | httpx -silent > live_subdomains.txt
Use EyeWitness to capture screenshots of live subdomains for manual review.
3. Subdomain Takeover Checks
Identify subdomains pointing to unclaimed services (e.g., AWS S3, Azure) that can be taken over.
Tools:
Subzy: Check for subdomain takeover vulnerabilities.
Subjack: Detect takeover opportunities (may be preinstalled in Kali).
Steps:
Run Subzy on the list of subdomains: subzy run --targets live_subdomains.txt
Use Subjack for additional checks: subjack -w live_subdomains.txt -a
Manually verify any flagged subdomains to confirm vulnerabilities.
4. Directory and File Bruteforcing
Search for sensitive files and directories that may expose vulnerabilities.
Tools:
FFUF: High-speed directory brute-forcing.
Dirsearch: Discover hidden directories and files.
Katana: Crawl for endpoints and files.
Steps:
Use FFUF to brute-force directories on live subdomains: ffuf -w wordlist.txt -u https://subdomain.target.com/FUZZ
Run Dirsearch for deeper enumeration: dirsearch -u https://subdomain.target.com -e *
Crawl with Katana to identify additional endpoints: katana -u https://subdomain.target.com -o endpoints.txt
5. JavaScript Analysis
Analyze JavaScript files for sensitive information like API keys, credentials, or hidden endpoints.
Tools:
GetJS: Extract JavaScript file URLs from a target.
Subjs: Identify JavaScript files across subdomains.
Katana: Crawl for JavaScript files and endpoints.
SecretFinder: Search JavaScript files for secrets (API keys, tokens, etc.).
Mantra: Analyze JavaScript for vulnerabilities and misconfigurations.
Grep: Filter specific patterns in JavaScript files.
Steps:
Use Subjs and GetJS to collect JavaScript file URLs: cat live_subdomains.txt | subjs > js_files.txt getjs --url https://subdomain.target.com >> js_files.txt
Crawl with Katana to find additional JavaScript files: katana -u https://subdomain.target.com -o js_endpoints.txt
Download JavaScript files for analysis: wget -i js_files.txt -P js_files/
Run SecretFinder to identify sensitive data: secretfinder -i js_files/ -o secrets.txt
Use Mantra to detect vulnerabilities in JavaScript code: mantra -f js_files/ -o mantra_report.txt
Search for specific patterns (e.g., API keys) with Grep: grep -r "api_key\|token" js_files/
6. Vulnerability Scanning
Perform automated scans to identify common vulnerabilities.
Tools:
Nuclei: Fast vulnerability scanner with customizable templates.
Mantra: Detect misconfigurations and vulnerabilities in web assets.
Steps:
Run Nuclei with a comprehensive template set: nuclei -l live_subdomains.txt -t cves/ -t exposures/ -o nuclei_results.txt
Use Mantra to scan for misconfigurations: mantra -u https://subdomain.target.com -o mantra_scan.txt
7. GitHub Reconnaissance
Search for leaked sensitive information in public repositories.
Tools:
GitHub Search: Manually search for target-related repositories.
Grep: Filter repository content for sensitive data.
Steps:
Search GitHub for the target domain or subdomains (e.g., from:target.com).
Clone relevant repositories and use Grep to find secrets: grep -r "api_key\|password\|secret" repo_folder/
Analyze code for hardcoded credentials or misconfigurations.
8. Next Steps and Analysis
Review EyeWitness screenshots for login pages, outdated software, or misconfigurations.
Analyze Nuclei and Mantra reports for actionable vulnerabilities.
Perform manual testing on promising subdomains (e.g., XSS, SQLi, SSRF).
Document findings and prioritize vulnerabilities based on severity.
Additional Notes
Learning Resources: Complete TryHackMeโs pre-security learning path for foundational knowledge.
Tool Installation:
Install Anew: go install github.com/tomnomnom/anew@latest
Install Subzy: go install github.com/PentestPad/subzy@latest
Install Nuclei: go install github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
Install Katana: go install github.com/projectdiscovery/katana/cmd/katana@latest
Optimization: Use a VPS for resource-intensive tools like ShuffleDNS and FFUF.
File Management: Organize outputs into separate files (e.g., subdomains.txt, js_files.txt) for clarity.
1 note
ยท
View note
Text
SQLMutant: Advanced Tool for SQL Injection | #Pentesting #RedTeam #SQLInjection #SQLi #SQLMutant #Hacking
1 note
ยท
View note
Text
ูุญุต ูุงุณุชุบูุงู ุณุจ ุฏูู
ูู AzSubEnum
AzSubEnum ุงูุณูุงู
ุนูููู
ู
ุชุงุจุนูู ููุงุฉ ูู
ุฏููุฉ Shadow Hacker ูู ูุฐุง ุงูู
ูุงู ุณูู ูุณุชุนุฑุถ ุฃุฏุงุฉ ุฑุงุนู ุฌุฏุงู ู
ุฎุตุตู ูู ุงุณุชุฎุฑุงุฌ subdomain ูุงุณุชุบูุงู ุงูุซุบุฑุงุช ุงูู
ูุฌูุฏุฉ ูููุง ุชู
ุชุตู
ูู
ุฃุฏุงุฉ AzSubEnum ุจูุฏู ูุญุต ุงููุทุงูุงุช ุงููุฑุนูุฉ ุจุฏูุฉ ุนุงููู ุฌุฏุงูย ููุญุต ุฌู
ูุน ุงููุทุงูุงุช ุงููุฑุนูุฉ ู
ู ุฎูุงู ู
ุฌู
ูุนุฉ ู
ู ุงูุชูููุงุช ุงูู
ุชูุงุฌุฏุฉ ูู ุงูุฃุฏุงุฉ ูุงุฐุง ููุช ู
ู ุงูู
ูุชู
ูู ูู ู
ุฌุงู ุงูุชุดุงู ุงูุซุบุฑุงุช ูุฃุฎุชุจุงุฑ ุงูุฃุฎูุงูู ููุฐุฉ ุงูุฃุฏุงุฉ ุณุชููู ุฐู ูุงุฆุฏุฉ ูุจูุฑุฉ ููู.AzSubEnum
ูุญุต ูุงุณุชุบูุงู ุณุจ ุฏูู
ูู AzSubEnum
AzSubEnum ูุงุญุฏุฉ ู
ู ุงููู ุงูุฃุฏูุงุช ูู ู
ุฌุงู ุงุตุชูุงุฏ ุงูุซุบุฑุงุช ุงูุฃู
ููู ูู ุงูู
ูุงูุน ูุงูุณูุฑูุฑุงุช ูุชููุฑ ูู ู
ู
ูุฒุงุช ุนุฏูุฏุฉ ู
ุซู ูุญุต ุงูุนู
ูู ุงูุฐู ูุฎูู ูู ูุญุต ูุงุณุชุฎุฑุงุฌ ุฌู
ูุน ุงูุซุบุฑุงุช ุงูู
ุชูุงุฌุฏุฉ ูู ุงููุทุงู ุงููุฑุนู , ูู
ุง ุงููุง ุชุณุชุฎุฑุฌ ุฌู
ูุน ุงููุทุงูุงุช ุงููุฑุนูุฉ ุจุดูู ุฏููู ุฌุฏุงู ูู ุงูุฏูู
ูู , ุชุนู
ู ุฃุฏุงุฉ AzSubEnum ู
ู ุฎูุงู ุชุญููู DNS ุจุดูู ู
ุจุชูุฑ ูุชุญููู ุงููุทุงุชูุงุช ุงููุฑุนูุฉ ุจุดูู ุฏููู ุนุจุฑ ููุงุนุฏ ุงูุจูุงูุงุช ู
ุซู (including MSSQL, Cosmos DB, and Redis).
ุจุณุชุฎุฏุงู
ุฃุฏุงุฉ AzSubEnum ูู
ูู ุชุญููู ุดุงู
ู ูู Subdomain ูู ู
ููุฏุฉ ุฌุฏุงู ููู
ูุชู
ูู ูู ู
ุฌุงู BUG BUNTY ุงู ุงูู
ูุชู
ูู ูู ุงูุชุดุงู ุงูุซุบุฑุงุช ุงูู
ููุฉ ุจุดุชู ุงููุงุนูุง.
ุทุฑููุฉ ุฃุณุชุฎุฏุงู
ุฃุฏุงุฉ AzSubEnum
โ AzSubEnum git:(main) โ python3 azsubenum.py --help usage: azsubenum.py [-h] -b BASE [-v] [-t THREADS] [-p PERMUTATIONS] Azure Subdomain Enumeration options: -h, --help show this help message and exit -b BASE, --base BASE Base name to use -v, --verbose Show verbose output -t THREADS, --threads THREADS Number of threads for concurrent execution -p PERMUTATIONS, --permutations PERMUTATIONS File containing permutations
Basic enumeration:
1 note
ยท
View note
Text
WebCopilot: Open-source automation tool enumerates subdomains, detects bugs
http://securitytc.com/T4NW9l
0 notes
Text
Productivity Log 11/02/23 +
11/03/23
I forgot to log yesterday and I'm feeling a little lazy so another 2 day post it is!
Personal Things ๐ฑ
Still watching these good doggos!
Got my hair cut! I've been going shorter every time and I love it.
I've been listening to more music as I do things around the house and it makes life just so much more enjoyable
I.T. Computer Girly Things ๐ค
Applied to three more jobs. One of them I'm really excited about -It's a reach, but it's in the field I want to end up in and I would have regretted not applying.
Completed lessons and labs on content discovery, subdomain enumeration, authentication bypass and IDOE vulnerabilities on TryHackMe.
Other Things ๐พ
I stopped by a cd store and a thrift store for some CDs. Got a good haul and listened to Shinedown's album The Sound of Madness on the way home. I forgot how much I loved that album as a tween!
I got a bottle of Snoop Dog's wine. I want to use it as a candle holder once it's empty lol. It's pretty good too and cheap.
Suga from BTS was in my dream last night. He's the only member that has been in them which I find really funny.
Gave Golden a listen to as well!
0 notes
Text
What is footprinting?
In the realm of cybersecurity, knowledge is power, and the first step in defending against potential threats is understanding them. Footprinting, often regarded as the initial phase of a cyberattack, is the process of gathering information about a target, be it an organization, an individual, or a network. In this blog, we will delve into the concept of footprinting, exploring its significance, methodologies, and ethical considerations.
What is Footprinting?
Footprinting, in the context of cybersecurity, refers to the systematic process of gathering information about a target entity, primarily through open-source intelligence (OSINT) techniques. The goal is to create a digital map that encompasses various aspects of the target, such as its infrastructure, employees, technologies, and online presence. This information is invaluable for both defensive and offensive cybersecurity purposes.
Methodologies of Footprinting
Passive Footprinting:
Website Analysis: Analyzing a target's website for publicly available information like contact details, organizational structure, and technology stack.
Social Media Profiling: Scouring social media platforms for clues about the target's employees, their interests, and connections.
WHOIS Lookup: Querying the WHOIS database to find domain registration information, including domain owners and contact details.
Active Footprinting:
Port Scanning: Actively probing the target's network to discover open ports, services, and potential vulnerabilities.
DNS Enumeration: Gathering information about DNS records to unveil subdomains and network topology.
Network Scanning: Using tools like Nmap to identify network devices, their configurations, and vulnerabilities.
Physical Footprinting:
On-Site Reconnaissance: Physical visits to target locations to gather information about security measures, access points, and potential weaknesses.
Also Read: What is the Scope of Ethical Hacking?
Ethical Considerations
It's imperative to approach footprinting ethically, respecting privacy and legal boundaries. Ethical hackers and cybersecurity professionals use these techniques for defensive purposes, helping organizations strengthen their security posture. Unethical or malicious use of footprinting techniques can lead to privacy violations, data breaches, and legal consequences.
Significance of Footprinting
Security Assessment: Footprinting provides organizations with insights into how much information is readily available to potential attackers. This information helps them assess their security measures and make necessary improvements.
Vulnerability Identification: Footprinting reveals potential vulnerabilities, allowing organizations to address weaknesses before they are exploited.
Incident Response: In the event of a security incident, having a pre-existing digital footprint of the organization can aid in identifying the scope and nature of the breach.
Competitive Intelligence: In the business world, footprinting can be used to gather information about competitors, their products, and strategies.
Conclusion
In the ever-evolving domain of cybersecurity, understanding and mitigating potential threats begin with comprehensive knowledge, and footprinting is a fundamental part of this process. Footprinting, when conducted responsibly and ethically, unveils the digital trail that can be vital for security professionals and organizations.
To truly harness the power of footprinting and use it for ethical and defensive purposes, individuals and organizations should consider enrolling in an online ethical hacking course. These courses provide structured learning environments, imparting knowledge about not only footprinting but also a broader array of cybersecurity practices. Importantly, they emphasize the ethical responsibility that accompanies this knowledge.
In conclusion, footprinting, when employed ethically and in tandem with an ethical hacking course, becomes a potent tool for safeguarding digital assets. It equips individuals with the skills and mindset needed to proactively defend against cyber threats, ultimately enhancing the security and resilience of our increasingly interconnected digital world.
0 notes
Text
ReconDog v2.0 - Reconnaissance Swiss Army Knife
ReconDog v2.0 - Reconnaissance Swiss Army Knife #Reconnaissance #Hacking #InfoGathering #Hacking
Reconnaissance Swiss Army Knife
Main Features
Wizard + CLA interface
Can extracts targets from STDIN (piped input) and act upon them
All the information is extracted with APIs, no direct contact is made to the target
Utilities
Censys: Uses censys.io to gather massive amount of information about an IP address.
NS Lookup: Does name server lookup
Port Scan: Scan most common TCP ports
Detect CMS: Canโฆ
View On WordPress
#cms detector#command line#Configuration#enumerate subdomains#Honeypot Detector#Information#information Gathering#Management#python#recon#ReconDog#Reverse#scan#Subdomain Enumeration#subdomains
1 note
ยท
View note
Text
Sunday Round Up - 27 January 2019
amzn_assoc_ad_type = "banner"; amzn_assoc_marketplace = "amazon"; amzn_assoc_region = "US"; amzn_assoc_placement = "assoc_banner_placement_default"; amzn_assoc_campaigns = "amzn_vicc_cloudcam_1017"; amzn_assoc_banner_type = "category"; amzn_assoc_isresponsive = "true"; amzn_assoc_banner_id = "1J0CHGJT75D586M66602"; amzn_assoc_tracking_id = "kraljevicn1-20"; amzn_assoc_linkid = "c122cc4768b349b4aab7d3099b74ea1c";
Sunday Round up for this week!
Articles:
The Top Cybersecurity Breaches of 2018
Why Internet Security Is So Bad
Kubernetes: unauth kublet API 10250 token theft & kubectl
Domained โ Multi Tool Subdomain Enumeration
If You Use Freelancers, Do You Need to Educate Them About Security Awareness?
If you found some other interesting stuff this week feel free to leave a link to it in the comments section. Otherwise feel free to check out the last roundup here.
These round ups are brought to you by PassVult.
#PassVult#Cybersecurity#breaches#20128#Why is security so bad#Kubernetes#token theft#kubectl#Domained#Multi tool#Subdomain#enumeration#Freelancers#Education#Security Awareness
1 note
ยท
View note
Text
Omnisci3nt: Unveiling the Hidden Layers of the Web | #Omnisci3nt #Reconnaissance #Web
0 notes
Link
0 notes
Photo
Aquatone By far the best subdomain enumerator I have ever used, I love this tool-set both Aquatone Discover and Aquatone Scan. I would definitely recommend using this tool if you are a bug bounty hunter! Please note that I used the Nmap Scanme site as to avoid doing anything illegal and as you can see it already pulled the nameservers and does some cool stuff like pulling the subdomains and all their IPs and information! I quite often use this in combination with a very powerful program called Photon but for some reason havenโt been able to install Docker on Parrot because of some weird error. Will update as soon as I am able to fix this.ย
#Aquatone#subdomain#url#websites#webdevelopment#vulnerability scanner#dns#hacking tools#nmap#github#hacking#ethical hacking#ip address#enumeration
0 notes
Text
[Media] โโsubnerium
โโsubnerium A fast passive subdomain enumeration tool that uses various sources to gather data. All requests are made through yaml templates, to see more see the documentation:๐ https://github.com/d3f1ne/subnerium #infosec #pentesting #bugbounty
2 notes
ยท
View notes