A fast sub domain brute tool for pentesters

Related tags

Security related resourcesSubDomains
Overview

subDomainsBrute 1.4

A fast sub domain brute tool for pentesters.

It works with Python3.8

高并发的DNS暴力枚举工具建议使用Python3.8

Install

Python3.5+ users:

  • pip install aiodns

Python2 users

  • pip install dnspython gevent

Screenshot

使用大字典,扫描qq.com

screenshot

Usage

Usage: subDomainsBrute.py [options] target.com
Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  -f FILE               File contains new line delimited subs, default is
                        subnames.txt.
  --full                Full scan, NAMES FILE subnames_full.txt will be used
                        to brute
  -i, --ignore-intranet
                        Ignore domains pointed to private IPs
  -w, --wildcard        Force scan after wildcard test fail
  -t THREADS, --threads=THREADS
                        Num of scan threads, 256 by default
  -p PROCESS, --process=PROCESS
                        Num of scan Process, 6 by default
  -o OUTPUT, --output=OUTPUT
                        Output file name. default is {target}.txt

Change Log

  • [2021-12-27]
    • 增加脚本,ip地址筛选并去重
  • [2020-10-29]
    • 增加支持强制扫描泛解析的域名,需要加 -w 参数
  • [2020-10-26]
    • 修复Windows下出现 too many file descriptors
  • [2020-05-05]
    • 增加了Python3.5+支持。Python3执行效率更高
  • [2019-05-19]
    • Add wildcard test
    • Scan faster and more reliable, now can brute up to 3000 domains per second
  • [2018-02-06]
    • 添加多进程支持。 多进程 + 协程,提升扫描效率。
    • 预处理了原字典中的占位符,提升扫描效率
  • [2017-06-03]
    • Bug fix: normal_lines remove deep copy issues, thanks @BlueIce
  • [2017-05-04]
    • 使用协程替代多线程; 使用优化级队列减小队列长度; 优化占位符支持
Owner
Oliver
Oliver
GitHub Repository
Malware arcane - Scripts and notes on my malware analysis journey

Malware Arcane Repository of notes and scripts I use when doing malware analysis

9 Jun 01, 2022
MTBLLS Ethical Hacking Tool Announcement of v2.0

MTBLLS Ethical Hacking Tool Announcement of v2.0 MTBLLS is a Free and Open-Source Ethical Hacking Tool developed by GhostTD (SkyWtkh) The tool can onl

Ghost 2 Mar 19, 2022
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

dora Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a good report for bug bount

Siddharth Dushantha 243 Dec 27, 2022
proxyshell payload generate

Py Permutative Encoding https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-pst/5faf4800-645d-49d1-9457-2ac40eb467bd Generate proxyshell

Evi1cg 63 Nov 15, 2022
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios.

Dr. Johannes Pohl 9k Jan 03, 2023
Proof of concept to check if hosts are vulnerable to CVE-2021-41773

CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV

Jordan Jay 43 Nov 09, 2022
A blind SQL injection script that uses binary search aka bisection method to dump datas from database.

Blind SQL Injection I wrote this script to solve PortSwigger Web Security Academy's particular Blind SQL injection with conditional responses lab. Bec

Şefik Efe 2 Oct 29, 2022
Windows Virus who destroy some impotants files on C:\windows\system32\

psychic-robot Windows Virus who destroy some importants files on C:\windows\system32\ Signatures of psychic-robot.PY (python file) : Bkav Pro : ASP.We

H-Tech-Dev36 1 Jan 06, 2022
Python Password Generator

This is a console-based version of a password generator written with Python. The program generates a password based on numbers of letters, numbers, and symbols specified by the user. This is a simple

p.katekomol 1 Jan 24, 2022
Early days of an Asset Discovery tool.

Please star this project! Written in Python Report Bug . Request Feature DISCLAIMER This project is in its early days, everything you see here is almo

grag1337 3 Dec 20, 2022
Passphrase-wordlist - Shameless clone of passphrase wordlist

This repository is NOT official -- the original repository is located on GitLab

Jeff McJunkin 2 Feb 05, 2022
These are Simple python scripts to test/scan your network

Disclaimer This tool is for Educational purpose only. We do not promote or encourage any illegal activities. Summary These are Simple python scripts t

Varun Jagtap 5 Oct 08, 2022
DNSSEQ: PowerDNS with FALCON Signature Scheme

PowerDNS-based proof-of-concept implementation of DNSSEC using the post-quantum FALCON signature scheme.

Nils Wisiol 4 Feb 03, 2022
This respository contains the source code of the printjack and phonejack attacks.

Printjack-Phonejack This repository contains the source code of the printjack and phonejack attacks. The Printjack directory contains the script to ca

pietrobiondi 2 Feb 12, 2022
Static Token And Credential Scanner

Static Token And Credential Scanner What is it? STACS is a YARA powered static credential scanner which suports binary file formats, analysis of neste

STACS 81 Dec 27, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
Vuln Scanner With Python

VulnScanner Features Web Application Firewall (WAF) detection. Cross Site Scripting (XSS) tests. SQL injection time based test. SQL injection error ba

< / N u l l S 0 U L > 1 Dec 25, 2021
A tool to extract the IdP cert from vCenter backups and log in as Administrator

vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin

Horizon 3 AI Inc 343 Dec 31, 2022
A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks

Log4j dork scanner This is an auto script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks. Installation:

Jagar 5 Dec 27, 2022
Threat Intel Platform for T-POTs

GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p

The Honeynet Project 72 Jan 01, 2023