Subdominator
reconftw
Subdominator | reconftw | |
---|---|---|
1 | 3 | |
179 | 5,252 | |
6.1% | - | |
7.9 | 9.2 | |
4 months ago | 7 days ago | |
C# | Shell | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Subdominator
-
Show HN: Subdominator – A New Approach to Subdomain Takeovers
Hey everyone! I just wanted to show off a cool new tool I made for bug bounties and pentesting, the direct link is here: https://github.com/Stratus-Security/Subdominator
Subdominator is a subdomain takeover tool (yes, there's lots of options already) but I did a case study on the functionality of the existing solutions, identified the shortcomings of each and made a more comprehensive and accurate tool. This is outlined in the linked post I made on the company blog.
Feedback, questions or requests are always welcome! Hope you like it :)
reconftw
- Automated recognition frameworks?
-
I made a CLI that streamlines Ethical Hacking workflow
Checkout ReconFTW
-
Tools for subdomain brute forcing
reconFTW = https://github.com/six2dez/reconftw
What are some alternatives?
Spoofy - Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
dirsearch - Web path scanner
Sn1per - Attack Surface Management Platform
Resources-for-Beginner-Bug-Bounty-Hunters - A list of resources for those interested in getting started in bug bounties
Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed - This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.
Goohak - Automatically Launch Google Hacking Queries Against A Target Domain
ReconPi - ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
hackerone-reports - Top disclosed reports from HackerOne
BugBountyScanner - A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
nikto - Nikto web server scanner
axiom - The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!