Consider enhancing subdomain bruteforce by replacing Fierce with subbrute

leebaird / discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

MIT License

3.41k stars 822 forks source link

Consider enhancing subdomain bruteforce by replacing Fierce with subbrute #73

Closed iancnorden closed 8 years ago

iancnorden commented 8 years ago

Take a look at this, https://github.com/TheRook/subbrute. Significant wordlists compared to Fierce, but they do rely on open resolvers for efficiency and to reduce chance of blocking the brute forcing.

leebaird commented 8 years ago

I have done some testing of this tool using the namelist from dnsrecon. There are a lot of false positives and the tool always seems to hang. I have email the author or dnsrecon to see if certain features could be added to his tool.