[homepage]https://github.com/v4d1/Dome[/homepage]
[tags]recon,subdomains,ports,bruteforce[/tags]
[short_descr]Script that makes active and/or passive scan to obtain subdomains and search for open ports.[/short_descr]
[long_descr]This tool is recommended for bug bounty hunters and pentester in their reconnaissance phase (the more surface area exposed the faster a rock with break down). If you want to use more OSINT engines, fill the config.api file with the needed API tokens.
Passive Mode:
Use OSINT techniques to obtain subdomains from the target. This mode will not make any connection to the target so it is undetectable.
Active Mode:
Perform bruteforce attacks to obtain alive subdomains: pure bruteforce or wordlist based
Top Features:
Easy to use. Just install the requirements.txt and run
Active and Passive scan (read above)
Faster than other subdomain enumeration tools
7 different resolvers/nameservers including google, cloudfare (fastest), Quad9 and cisco DNS (use --resolvers filename.txt to use a custom list of resolvers, one per line)
Up to 21 different OSINT sources
Subdomains obtained via OSINT are tested to know if they are alive (only in active mode)
Support for webs that requires API token
Detects when api key is no longer working (Other tools just throw an error and stops working)
Wildcard detection and bypass
Custom Port scaning and built-in params for Top100,Top1000 and Top Web ports
Colored and uncolored output for easy read
Windows and Python 2/3 support (Python 3 is recommended)
Highly customizable through arguments
Scan more than one domain simultaneously
Possibility to use threads for faster bruteforce scans
[homepage]https://github.com/v4d1/Dome[/homepage] [tags]recon,subdomains,ports,bruteforce[/tags] [short_descr]Script that makes active and/or passive scan to obtain subdomains and search for open ports.[/short_descr] [long_descr]This tool is recommended for bug bounty hunters and pentester in their reconnaissance phase (the more surface area exposed the faster a rock with break down). If you want to use more OSINT engines, fill the config.api file with the needed API tokens.
Top Features: