DataSploit / datasploit

An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
GNU General Public License v3.0
3.02k stars 425 forks source link

Add Subbrute #43

Closed menzow closed 7 years ago

menzow commented 8 years ago

I think implementing (subbrute)[https://github.com/TheRook/subbrute] would be a nice addition for scanning DNS entries.

More info: https://www.youtube.com/watch?v=ekUQIVUzDX4

Anyone agree?

upgoingstar commented 8 years ago

Hi, I agree with your views. Adding subbrute could be helpful, but I see two problems with it.

  1. It hits the server, i.e. server gets a log, which we do not want.
  2. Brute forcing subdomains with patterns like x.y.z.abc.com becomes almost impossible.

Having said that, I do not underestimate the importance of it. We can probably write down a module for this, but not sure if this should be included in automated part or not.

Please suggest your views for including in automated part?

SudhanshuC commented 8 years ago

What we can do is create a dictionary of some common sub-domains and ask the user explicitly if they want to include this for discovery. Of course users can modify the dictionary as per requirement.

upgoingstar commented 7 years ago

@SudhanshuC / @nkpanda would you guys like to pick this up?

upgoingstar commented 7 years ago

Not including subbrute, but will add few more sources into datasploit

hence it goes as Duplicate of #113