reNgine-ng is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface.
PureDNS is a fast subdomain recon tool that can be used to bruteforce huge subdomain wordlists in a few minutes. I've been using a 12 million line subdomain list to find different uncommon subdomains.
Implementation of the tool with the ability to add your own custom subdomain wordlist would further improve subdomain recon.
Amass is capable of brute forcing subdomains but it takes way too long, with this tool, it takes approximately 20 minutes to brute force a 12 million subdomain wordlist. My current flow is to use the tool on it's own and then import the subdomains I get from it into reNgine when starting a scan however it would be nice to have it implemented.
Is there an existing feature or issue for this?
Expected feature
Submitted by @alph4byt3
PureDNS is a fast subdomain recon tool that can be used to bruteforce huge subdomain wordlists in a few minutes. I've been using a 12 million line subdomain list to find different uncommon subdomains.
Implementation of the tool with the ability to add your own custom subdomain wordlist would further improve subdomain recon.
Tool can be found here - https://github.com/d3mondev/puredns
Amass is capable of brute forcing subdomains but it takes way too long, with this tool, it takes approximately 20 minutes to brute force a 12 million subdomain wordlist. My current flow is to use the tool on it's own and then import the subdomains I get from it into reNgine when starting a scan however it would be nice to have it implemented.
Alternative solutions
No response
Anything else?
No response