A domain name
tool
The tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ng
domained uses several tools and wordlists to create a unique list of subdomains that are passed to for reporting with categorized screenshots, server response headers and signature based default credential checking. (resources are saved to ./bin and output is saved to ./output)
Initial Install:
Tools leveraged:
Subdomain Enumeraton Tools:
Reporting + Wordlists:
Usage:
First Step:
Install Required Python Modules: sudo pip install -r ./ext/requirements.txt
Install Tools: sudo python3 domained.py --install
Example 1: python3 domained.py -d example.com
Uses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)
Example 2: python3 domained.py -d example.com -b -p --vpn
Uses subdomain example.com with seclist subdomain list (massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN
Example 3: python3 domained.py -d example.com -b --bruteall
Uses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)
Example 4: python3 domained.py -d example.com --quick
Uses subdomain example.com and only Amass and SubFinder
Example 5: python3 dom ained.py -d example.com --quick --notify
Uses subdomain example.com, only Amass and SubFinder and notification
Example 6: python3 domained.py -d example.com --noeyewitness
Uses subdomain example.com with no EyeWitness
Note: --bruteall must be used with the -b flag
The tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ng
domained uses several tools and wordlists to create a unique list of subdomains that are passed to for reporting with categorized screenshots, server response headers and signature based default credential checking. (resources are saved to ./bin and output is saved to ./output)
Initial Install:
- domained tools: python3 domained.py --install
- Python required modules: sudo pip install -r ./ext/requirements.txt
-
library for DNS programming:
- sudo apt-get install libldns-dev -y
-
Programming Language:
- sudo apt-get install golang
Tools leveraged:
Subdomain Enumeraton Tools:
- by Ahmed Aboul-Ela
- by Jason Haddix
- by Gianni Amato
- by TheRook
- by B. Blechschmidt
- by Tim Tomes (LaNMaSteR53)
- by Jeff Foley (caffix)
- by by Ice3man543
Reporting + Wordlists:
- by ChrisTruncer
- (DNS Recon List) by Daniel Miessler
- by Jason Haddix
Usage:
First Step:
Install Required Python Modules: sudo pip install -r ./ext/requirements.txt
Install Tools: sudo python3 domained.py --install
Example 1: python3 domained.py -d example.com
Uses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)
Example 2: python3 domained.py -d example.com -b -p --vpn
Uses subdomain example.com with seclist subdomain list (massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN
Example 3: python3 domained.py -d example.com -b --bruteall
Uses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)
Example 4: python3 domained.py -d example.com --quick
Uses subdomain example.com and only Amass and SubFinder
Example 5: python3 dom ained.py -d example.com --quick --notify
Uses subdomain example.com, only Amass and SubFinder and notification
Example 6: python3 domained.py -d example.com --noeyewitness
Uses subdomain example.com with no EyeWitness
Note: --bruteall must be used with the -b flag
Verified & Trusted WesternUnion | MoneyGram | Bank - Transferring [299$ BTC for 2000$ WU]
Verified & Trusted Electronics Carding, Carding iPhone, Samsung Carding, MacBook Carding, Laptops Carding