Subdomain3 is a new generation of tool , It helps penetration testers to discover more information in a shorter time than other tools.The information includes subdomains, IP, CDN, and so on. Please enjoy it.Features More quick Three patterns for speed. User can modify the configuration(lib/config.py) file to speed-up. CDN support Determines whether the subdomain uses […]
Are you still using command-line subdomain search? There are many methods of finding information about subdomains, but most of them can be time-consuming and disorganized, especially for newcomers to the field of programming. The trend of the moment is using online tools to find information about subdomains. The tool we will be discussing here is […]
There are many tools which are used in gathering information. These tools gather information but are not able to gather some secret information of target. There are various way to exploit any target. But there are some vital information which comes really helpful while exploiting target, explain ethical hacking investigators. So today we will show […]
theHarvester is a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers). Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet. […]
DNSMap: Dnsmap is a tool used to gather subdomains & information of subdomains for a target host, as per ethical hacking courses. It was developed in 2006 and last updated in 2010. This package consists of 2 scripts – dnsmap, and dnsmap-bulk.sh. Dnsmap is used in scanning single domain and dnsmap-bulk.sh in bulk domains. According […]
What is Subdomain Takeover? Subdomain takeover is a class of vulnerability where subdomain points to an external service that has been deleted. The external services are Github, Heroku, Gitlab, Tumblr and so on. Let’s assume we have a subdomain sub.example.com that points to an external service such as GitHub. If the Github page is removed […]
Subdomain takeover is a class of vulnerability where subdomain points to an external service that has been deleted. The external services are Github, Heroku, Gitlab, Tumblr and so on. Let’s assume we have a subdomain sub.example.com that points to an external service such as GitHub. If the Github page is removed by its owner and […]
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and has been aimed as a successor to sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by […]
Information security training experts from MindPoint Group, an information security firm, have hijacked over 2,000 subdomains from legitimate websites while researching possible vulnerabilities in Amazon’s CloudFront CDN service. Experts found that CloudFront’s CDN routing mechanism that linked a site’s domain and subdomains to a specific server contained a flaw that allowed attackers to point misconfigured […]
Listing subdomains about the main domain using the technique called Hacking with search engines. Usage usage: n4xd0rk.py [-h] [-d DOMAIN] [-i IP] -o OPTION -n SEARCH [-e EXPORT] [-l LANGUAGE] This script searchs the subdomains about a domain using the results indexed of Bing search. optional arguments: -h, –help show this help message and exit […]
Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and […]
Fierce is an open source active information gathering tool to identify subdomains of a target website. This tool was written by Robert Hansen. It’s a PERL script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics. The tool comes pre-installed by default in Kali Linux from Offensive-Security. The […]
The Kurdish defacer is known for defacing high-profile website with messages against the so-called Islamic State and the Republic of Turkey! A Kurdish hacker going by the online handle of MuhmadEmad hacked and defaced 4 sub-domain belonging to Dell, the world renowned multinational computer technology company. MuhmadEmad, who is a well-known voice of Kurdish people was last […]
Summary: Yesterday, it was the pro-Assad hackers from Syrian Electronic Army who took over the US Army website, today the pro-Palestinian hackers took over US Air Force domains — Both US Army and Airforce domains were hacked two days after Obama’s call for stronger cybersecurity for Americans. The Palestinian friendly hackers from AnonGhost hacked and defaced two […]