Closed ehsandeep closed 4 years ago
I'm preparing the list of sources that support recursive scan vs do not support recursive scan, using that this can be achieved using exclude-sources
or sources
flag.
Recursive scan supported sources:-
- alienvault
- bufferover
- certspotter
- certspotterold
- crtsh
- dnsdumpster
- hackertarget
- ipv4info
- passivetotal
- securitytrails
- sublist3r
- virustotal
- zoomeye
- commoncrawl
I'm considering not using commoncrawl
and zoomeye
with -recursive
flag as default as they take a long time with fewer results.
We can make use of config file for this, where users can update/add/remove sources for recursive
scan as per their need.
recursive:
- alienvault
- bufferover
- certspotter
- certspotterold
- crtsh
- dnsdumpster
- hackertarget
- ipv4info
- passivetotal
- securitytrails
- sublist3r
- virustotal
What's the problem (or question)?
Half of the sources allows looking for subdomains of subdomains recursively, but for now, all the sources are used as a default even they don't return any results and increase scan time, so adding a flag for this only runs sources which does support recursive lookup, saves lot of time of the scan and more control on the scan for user.
Do you have an idea for a solution?