evilsocket
commented
6 years ago mmm do you have evidence that integrating passivetotal.org would be better than just improving the subdomain wordlist?
Open 0x27 opened 6 years ago
evilsocket
commented
6 years ago mmm do you have evidence that integrating passivetotal.org would be better than just improving the subdomain wordlist?
0x27
commented
6 years ago I'll run a few, uh, tests and see if its worthwhile. I've seen some pretty weird stuff when enumerating using passivetotal on occasion though.
evilsocket
commented
6 years ago Thing is I'd like to avoid having 10000000 command line arguments with API keys n stuff if it's not strictly needed ... maybe it could be a good idea to perform a scan with the current wordlist and passivetotal.org on the same domain, then compare the results and steal what's missing :)
dhauenstein
commented
6 years ago Why not using a config file? Makes fiddling with command line args obsolete and IMHO handling much easier (also for use in a Docker Container, as those parameters can be read from the config file and/or env variables).
Leveraging an API key for the PassiveTotal (passivetotal.org) service would be super neat for grabbing more subdomains and related domains.