XSHOCK
Raccoon
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
XSHOCK
Raccoon
-
What paths are the most common ones to find the file system on a webserver. ?
add these in too https://github.com/evyatarmeged/Raccoon/blob/master/raccoon_src/wordlists/fuzzlist
-
I wrote a blazing fast subdomain enumerator! (100.000 domains checked under 10 minutes!)
This + Raccoon seems like it would be a great first recon scan.
- Finding “secret” directories on local servers
-
Automatic target scanning
There are also dir scanners like Raccoon, https://github.com/evyatarmeged/Raccoon
What are some alternatives?
evillimiter - Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
rapidscan - :new: The Multi-Tool Web Vulnerability Scanner.
HackVault - A container repository for my public web hacks!
dirsearch - Web path scanner
reconspider - 🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
recon - Enumerate a target Based off of Nmap Results
peafl64 - Static Binary Instrumentation tool for Windows x64 executables
skanuvaty - Dangerously fast DNS/network/port scanner
Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
ObsidianSailboat - Nmap and NSE command line wrapper in the style of Metasploit
SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.