BugCod3

🔒

BugCod3

#Go #Subdomain #IP #Discovery

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

2⚡1❤1🔥1

1.03K viewsedited 12:03

BugCod3

AlterX

Fast and customizable subdomain wordlist generator using DSL.

📊 Features:

⚪️ Fast and Customizable
⚪️ Automatic word enrichment
⚪️ Pre-defined variables
⚪️ Configurable Patterns
⚪️ STDIN / List input

🔼 Installation:
To install alterx, you need to have Golang 1.19 installed on your system.

go install github.com/projectdiscovery/alterx/cmd/alterx@latest

💻 Examples:
An example of running alterx on existing list of passive subdomains of tesla.com yield us 10 additional NEW and valid subdomains resolved using dnsx.

chaos -d tesla.com | alterx | dnsx

Similarly -enrich option can be used to populate known subdomains as world input to generate target aware permutations.

chaos -d tesla.com | alterx -enrich

You can alter the default patterns at run time using -pattern CLI option.

chaos -d tesla.com | alterx -enrich -p '{{word}}-{{suffix}}'

It is also possible to overwrite existing variables value using -payload CLI options.

alterx -list tesla.txt -enrich -p '{{word}}-{{year}}.{{suffix}}' -pp word=keywords.txt -pp year=2023

😸

Github

⬇️

🔒

BugCod3

#BugBounty #Subdomain #Generator #DSL

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

❤3⚡3👍3🔥2❤‍🔥1

2.12K views17:38

BugCod3

Subzy

💬

Subdomain takeover tool which works based on matching response fingerprints from can-i-take-over-xyz

Installation:

👩‍💻

go install -v github.com/LukaSikic/subzy@latest

📊 Options:
Only required flag for run subcommand(r short version) is either --target or --targets

⚪️

--target (string) - Set single or multiple (comma separated) target subdomain/s

⚪️

--targets (string) - File name/path to list of subdomains

⚪️

--concurrency (integer) - Number of concurrent checks (default 10)

⚪️

--hide_fails (boolean) - Hide failed checks and invulnerable subdomains (default false)

⚪️

--https (boolean) - Use HTTPS by default if protocol not defined on targeted subdomain (default false)

⚪️

--timeout (integer) - HTTP request timeout in seconds (default 10)

⚪️

--verify_ssl (boolean) - If set to true, it won't check site with invalid SSL

💻 Usage:
Target subdomain can have protocol defined, if not https:// will be used by default if --https not specifically set to true.

⚪️

List of subdomains:

./subzy run --targets list.txt

⚪️

Single or multiple targets:

./subzy run --target test.google.com
./subzy run --target test.google.com,https://test.yahoo.com

😸

Github

⬇️

🔒

BugCod3

#BugBounty #Cybersecurity #Subdomain #Takeover

➖

👤

📣

This media is not supported in your browser

Please open Telegram to view this post

VIEW IN TELEGRAM

👍3⚡2❤2🔥2

2.53K views10:52

BugCod3

1:13

VIEW IN TELEGRAM

SubCerts

💬

SubCerts is an automated tool designed to extract subdomains from certificate transparency logs using the crt.sh API. This tool allows security researchers, penetration testers, and developers to identify subdomains of a target domain by leveraging publicly available certificates.

📊

Features:
⚪️ Subdomain Extraction: Utilizes crt.sh, a certificate transparency log search engine, to gather subdomains associated with a target domain.

⚪️

HTTP Probing: Automatically sends HTTP/HTTPS requests to each extracted subdomain using httpx and
returns:
⚫️ HTTP status codes
⚫️ Page titles
⚫️ Silent output for clean and organized results

⚪️

Automation: Run the tool with a simple command and get results efficiently without manual effort.

⚪️

Flexible Output: Optionally save the extracted subdomains and httpx results to a file for later review.

🔼 Installation:

cd SubCerts
chmod +x *.sh
./setup.sh
./subcerts.sh -h

💻

Usage:
To run SubCerts for a domain and save the results to a file:

./subcerts.sh -u example.com --output results.txt

😸

Github

⬇️

🔒

BugCod3

#BugBounty #SubDomain #certificate

➖

👤

📣