This is very basic automated recon script tool.
Autor: MrCl0wn
Blog: http://blog.mrcl0wn.com
GitHub: https://github.com/MrCl0wnLab
Twitter: https://twitter.com/MrCl0wnLab
Email: mrcl0wnlab\@\gmail.com
python tool.py {domain}
python tool.py fbi.gov
curl -s "https://rapiddns.io/subdomain/TARGET?full=1#result" | awk -v RS='<[^>]+>' '/$1/' | sort -u >>TARGET-rapiddns.txt
curl -s "https://rapiddns.io/subdomain/TARGET?full=1#result" | awk -v RS='<[^>]+>' '/$1/' | sort -u >>TARGET-rapiddns.txt
curl -s "https://riddler.io/search/exportcsv?q=pld:TARGET" | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u >>TARGET-riddler.txt
curl -s "https://jldc.me/anubis/subdomains/TARGET" | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u >>TARGET-jldc.txt
curl -s "https://crt.sh/?q=%25.TARGET&output=json" | jq -r '.[].name_value' | sed 's/\*\.//g' | sort -u >>TARGET-crt.txt
curl -s "https://dns.bufferover.run/dns?q=.TARGET" | jq -r .FDNS_A[] | sed -s 's/,/\\n/g' | sort -u >>TARGET-bufferover.txt
curl -s "https://urlscan.io/domain/TARGET" | grep "/domain" | grep TARGET | grep -v "<span" | cut -d"/" -f3 | cut -d">" -f1 | sed 's/"//g' | sort -u >>TARGET-urlscan.txt
cat TARGET-*.txt | sort -u >TARGET.txt;cat TARGET.txt -n
TARGET-rapiddns.txt
TARGET-riddler.txt
TARGET-jldc.txt
TARGET-crt.txt
TARGET-bufferover.txt
TARGET-urlscan.txt
TARGET.txt
@ofjaaah