search

owasp-amass / amass

In-depth attack surface mapping and asset discovery
https://owasp.org/www-project-amass/
Other
11.73k stars 1.86k forks source link

[Feature Request] Top Level Domain Enumeration #616

Open as-km opened 3 years ago

as-km commented 3 years ago

It would be helpful to add an option to enumerate potential top level domains.

Compare the description of the following project (tld-scan):

The core idea is to perform a TCP sync scan against potential web applications (running on port 80) for all possible top level domains.

As a result further domains could be analyzed, i.e.:

tld scan ethermat

ethermat.com
ethermat.ph
ethermat.pl
ethermat.vg
ethermat.ws
ethermat.xn--node
chrisdlangton commented 3 years ago

I use this in my own recon-ng version of the idea https://data.iana.org/TLD/tlds-alpha-by-domain.txt