axiom
Sudomy
Our great sponsors
axiom | Sudomy | |
---|---|---|
3 | 3 | |
3,817 | 1,847 | |
- | - | |
7.0 | 2.2 | |
13 days ago | 2 months ago | |
Shell | Shell | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
axiom
-
How do real hunters handle with rate-limit?
- Bypass it with IP rotation. In most cases that works. There are things like AWS API gateway that can be useful for this through fireprox. There is also axiom or hakscale
-
Axiom: Just-in-time dynamic infra for offensive security operations
https://github.com/pry0cc/axiom/blob/master/interact/axiom-c...
They also recommend only installing it in an "VPS environment"(Virtual Private Serer) because it overwrites your .bashrc or .zshrc files depending on your preferred Shell.
-
Help finding tools
Hello, I was wondering if anyone can help me find any tools like https://github.com/pry0cc/axiom that do the same, spin up a bunch of vms and have an nmap scan from source?
Sudomy
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting
- Non brute-forcing options/strategies to find subdomains
-
Looking for an API like builtwith.com (let's you know what technology is behind website), but one that's opensource, or at least is more startup friendly ....
That said, keep in mind that not everything is going to find its way indexed in Google. If it's subdomains you're after, you can use tools like Sublist3r or Sudomy to pull data from multiple sources (not just DNS).
What are some alternatives?
fricas - Official repository of the FriCAS computer algebra system
Sublist3r - Fast subdomains enumeration tool for penetration testers
ffmpeg_batch - FFmpeg Batch AV Converter
spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Sn1per - Attack Surface Management Platform
AV-converter - A web app to convert an audio/video file to another format. Client side conversion means that your file does not get uploaded to a server. You can also download YouTube videos at the /yt endpoint.
LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
kenzer - automated web assets enumeration & scanning [DEPRECATED]
Dome - Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
NotEnoughAV1Encodes - GUI for AV1 (aomenc, rav1e & svt-av1)
eReKon - Yet another web recon tool, rebuilding on t3 stack