Get (rid of) Wildcard Domains
go get github.com/thelikes/gwdomains
This tool takes a list of potential sub domains and filters out only legitimate domains. For use with tools like altdns, dnsgen, and syborg.
- Brute force sub domains (knock,amass,fierce,subfinder,etc)
- Run a mutator (dnsgen,syborg,etc)
- Resolve the mutations
- Feed gwdomains the mutated sub domains
cat mutated.txt | gwdomains
Verbose output:
cat mutated.txt |MYGODEBUG=true gwdomains
HuG3 thanks to OWASP Amass