Displaying 1 to 20 from 22 results

lion - Lion is a fast HTTP router for building modern scalable modular REST APIs in Go

  •    Go

Lion is a fast HTTP router for building modern scalable modular REST APIs written in Go (golang). Next versions of Lion will support the latest Go version and the previous one. For example, when Go 1.8 is out, Lion will support Go 1.7 and Go 1.8.

amass - In-depth subdomain enumeration written in Go

  •    Go

Amass is now an OWASP project and the OWASP GitHub organization repository is where all further development and releases will take place.

subfinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for websites

  •    Go

SubFinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and has been aimed as a successor to sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by altdns to generate permutations and resolve them quickly using a powerful bruteforcing engine. It can also perform plain bruteforce if needed. The tool is highly customizable, and the code is built with a modular approach in mind making it easy to add functionalities and remove errors. We have designed SubFinder to comply with all passive sources licenses, and usage restrictions, as well as maintained a consistently passive model to make it useful to both penetration testers and bug bounty hunters alike.

Scanners-Box - The toolbox of open source scanners - 安全行业从业者自研开源扫描器合辑


Scanners Box is a collection of open source scanners which are from the github platform, including subdomain enumeration, database vulnerability scanners, weak passwords or information leak scanners, port scanners, fingerprint scanners, and other large scale scanners, modular scanner etc. For other Well-known scanning tools, such as: awvs,nmap,w3af will not be included in the scope of collection. The purpose of this collection is to provide various types of opensource security scanning tool that can help Internet companies to be more safer.

fierce - A DNS reconnaissance tool for locating non-contiguous IP space.

  •    Python

Fierce is a DNS reconnaissance tool for locating non-contiguous IP space. First, credit where credit is due, fierce was originally written by RSnake along with others at http://ha.ckers.org/. This is simply a conversion to Python 3 to simplify and modernize the codebase.

subjack - Hostile Subdomain Takeover tool written in Go

  •    Go

Subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule out false positives. Subjack will also check for subdomains attached to domains that don't exist (NXDOMAIN) and are available to be registered. No need for dig ever again! This is still cross-compatible too.

tld.js - JavaScript API to work easily with complex domain names, subdomains and well-known TLDs.

  •    Javascript

tld.js is a Node.js module written in JavaScript to work against complex domain names, subdomains and well-known TLDs. It answers with accuracy to questions like what is mail.google.com's domain?, what is a.b.ide.kyoto.jp's subdomain? and is https://big.data's TLD a well-known one?.

SubOver - A Powerful Subdomain Takeover Tool

  •    Go

Subover is a Hostile Subdomain Takeover tool originally written in python but rewritten from scratch in Golang. Since it's redesign, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 30+ services which is much more than any other tool out there. The tool uses Golang concurrency and hence is very fast. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful. You need to have Golang installed on your machine. There are no additional requirements for this tool.

subdomain - Node.JS Express Subdomain Middleware.

  •    Javascript

Node.js Express Subdomain Middleware. Order matters with express, so make sure you are injecting the middleware before any routes that depend on it.

ember-cli-subdomain - A simple cli addon that adds subdomain detection to an Ember application

  •    Javascript

This simple add-on adds subdomain detection to an Ember application. Use the method subdomain of the injected urlChecker for your magics...

subquest - Fast, Elegant subdomain scanner using nodejs

  •    Javascript

Than you can require it in your script and use it, following examples below. Before the version 1.5.0 the module makes use of event emitters to determine when it's done.

node-tldtools - Extracts a domain into its component parts

  •    Javascript

This module provides TLD domain extraction and resolution services. It's useful if you need to extract semantically meaningful tokens from a URL. Extracts tld, domain and subdomain parts from the provided fqdn (supports FQDNs names and URIs).

MarkDownBlog - A flask web application that allows to create blog

  •    CSS

This repository is associated to the website markdownblog.com. TLD;DR : A blog-platform engine which uses markdown as the main article format that you can install on your own or use the main website.

Amass - In-Depth DNS Enumeration written in Go

  •    Go

The OWASP Amass tool obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks. A precompiled version is available for each release.

domain_hunter - A Burp Suite Extender that search sub domain and similar domain from sitemap,get related domains from certification

  •    Java

A Burp Suite extender that search sub domains,similar domains and related domains from sitemap. Some times similar domain and related domains give you surprise^_^. that's why I care about it. 2017-07-28: Add a function to crawl all known subdomains; fix some bug.

fdns - Concurrent Rapid7 FDNS dataset parser

  •    Go

Package fdns parses Rapid7 Forward DNS dataset in a concurrent way. The parser reports found entries (subdomains, IP addresses, records, etc) for the given record and domain. Send a PR or open an issue. Just make sure that your PR passes gofmt, golint and govet.

meteor-subdomain-persistent-login - Enabling persistent logins for meteor

  •    Javascript

This will set the cookie for all subdomains of app.localhost and app.localhost itself. Replace app.localhost with your domain. If you host your app on multiple domains you can even give a list of domains. However the login will not persist between domains, because that is not possible with cookies.

Acamar - A Python3 based single-file subdomain enumerator

  •    Python

A Python3 based single-file subdomain enumerator (with barely dependencies; BeautifulSoup is required tho).