Skip to content

MrCl0wnLab/SimpleReconSubdomain

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 

Repository files navigation

SimpleReconSubdomain

This is very basic automated recon script tool.

Python 3.7 Build Build GitHub

Autor:    MrCl0wn
Blog:     http://blog.mrcl0wn.com
GitHub:   https://github.com/MrCl0wnLab
Twitter:  https://twitter.com/MrCl0wnLab
Email:    mrcl0wnlab\@\gmail.com

USE

python tool.py {domain}
python tool.py fbi.gov

Screenshot Screenshot

TARGET IS A MAGIC STRING

curl -s "https://rapiddns.io/subdomain/TARGET?full=1#result" | awk -v RS='<[^>]+>' '/$1/' | sort -u >>TARGET-rapiddns.txt

curl -s "https://rapiddns.io/subdomain/TARGET?full=1#result" | awk -v RS='<[^>]+>' '/$1/' | sort -u >>TARGET-rapiddns.txt

curl -s "https://riddler.io/search/exportcsv?q=pld:TARGET" | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u >>TARGET-riddler.txt

curl -s "https://jldc.me/anubis/subdomains/TARGET" | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u >>TARGET-jldc.txt

curl -s "https://crt.sh/?q=%25.TARGET&output=json" | jq -r '.[].name_value' | sed 's/\*\.//g' | sort -u >>TARGET-crt.txt

curl -s "https://dns.bufferover.run/dns?q=.TARGET" | jq -r .FDNS_A[] | sed -s 's/,/\\n/g'  | sort -u  >>TARGET-bufferover.txt

curl -s "https://urlscan.io/domain/TARGET" | grep "/domain" | grep TARGET | grep  -v "<span" | cut -d"/" -f3 | cut -d">" -f1 | sed 's/"//g' | sort -u >>TARGET-urlscan.txt

cat TARGET-*.txt | sort -u >TARGET.txt;cat TARGET.txt -n

OUTPUT

TARGET-rapiddns.txt
TARGET-riddler.txt
TARGET-jldc.txt
TARGET-crt.txt
TARGET-bufferover.txt
TARGET-urlscan.txt

OUTPUT SORT UNIQ

TARGET.txt

Th4nk Y0u

@ofjaaah

About

This is very basic automated recon script tool.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages