SubScraper - External Pentest Tool That Performs Subdomain Enumeration Through Various Techniques - KitPloit - PenTest Tools for your Security Arsenal ☣
2018-10-02 10:14:28 Author: www.kitploit.com(查看原文) 阅读量:89 收藏

SubScraper uses DNS brute force, Google & Bing scraping, and Virus Total to enumerate subdomains without an API. Written in Python3, SubScraper performs HTTP(S) requests and DNS "A" record lookups during the enumeration process to validate discovered subdomains. This provides further information to help prioritize targets and aid in potential next steps. Post-Enumeration, "CNAME" lookups are displayed to identify subdomain takeover opportunities. 


Usage

python3 subscraper.py example.com
python3 subscraper.py -t 5 -o csv example.com

Options

  -s              Only use internet to find subdomains
  -b              Only use DNS brute forcing to find subdomains
  -o OUTFILE      Define output file type: csv/txt (Default: None)
  -t MAX_THREADS  Max threads (Default: 10)
  -w SUBLIST      Custom subdomain wordlist

SubScraper - External Pentest Tool That Performs Subdomain Enumeration Through Various Techniques SubScraper - External Pentest Tool That Performs Subdomain Enumeration Through Various Techniques Reviewed by Lydecker Black on 6:01 PM Rating: 5


文章来源: https://www.kitploit.com/2018/10/subscraper-external-pentest-tool-that.html?utm_source=dlvr.it&utm_medium=twitter
如有侵权请联系:admin#unsafe.sh