Skip to main content

Enumerate & Test Subdomains automatically

I wrote a python script that test all subdomains of a domain automatically using Sublist3r, nmap and nikto.

So i clubbed all 3 tools to create one.

Sublist3r scans subdomains using OSINT.
Then Nikto or Nmap is used to test it.

If you read my script you can add your commands to it to make it more beautiful. 

https://github.com/Vikas92155/Mass_Subdomain_Test

Do check this out!!

Please give me feedback on this one.

Comments

Post a Comment

Popular posts from this blog

Want a P5 bug or escalate it to P3 or P4

Hello Everyone, Many months back when i was testing on hackerone and i came across Jenkins instance. So first and foremost i did directory bruteforce and found interesting thing  on Jenkins instance i reported it got closed as informational as it was a VDP (was noob back there) I came across some more programs on jenkins instance and same error also appeared there . So i searched for more instances and it was working on all of then. What was the issue? Let's say target.com is jenkins instance so if we hit http://target.com/assets/ It throws stack error giving us instance information REPORTED I reported this to jenkins https://www.jenkins.io/security/ and after some days i recieved a  mail   I was so glad that i was going to get CVE in my pocket. BUT unfortunately So i guess i wasn't getting any CVE So if anyone want any information about instance or plugins feel free to use above method if not fixed Here's Jira issue https://issues.jenki...
Post a Comment
Read more

Skills needed to become a Hacker

The Essential Skills to Becoming a Master Hacker DISCLAIMER:  I blatantly copied this from http://null-byte.wonderhowto.com/how-to/essential-skills-becoming-master-hacker-0154509/ for all aspiring hackers (if they haven't seen it already, or just to remind). I will not take credit for the content, only for copying/pasting it like a God for you all. There are many already skilled people in the community, and also just curious minds starting out. This is what you need. ---START OF COPY_PASTE--- Many of my aspiring hackers have written to me asking the same thing. "What skills do I need to be a good hacker?" As the hacker is among the most skilled information technology disciplines, it requires a wide knowledge of IT technologies and techniques. To truly be a great hacker, one must master many skills. Don't be discouraged if you don't have all the skills I list here, but rather use this list as a starting ground for what you need to study and master in ...
3 comments
Read more

Do IDOR( Insecure direct object references ) Exists Everywhere ?

Hello everyone,   As infosec community has given me so much so i also plan to contribute in it Also take it as a tip , i guess you can learn and report something out of it . For those who don't know what IDOR is. Insecure Direct Object References occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources in the system directly .  Explanation of IDOR   Lets's assume a user has a user_id 123 so he access his/her account by visiting this link https://xxxx/profile/123 He change user_id to 456 https://xxxx/profile/456 and he can get details of 456 So that is IDOR in simple terms.     What was the bug exactly So I was hunting on a company website and i subscribed for its alerts. So i reported some bugs that some performed good and some were duplicates. On late evening i got a mail from that company of some errors t...
Post a Comment
Read more