Closed michenriksen closed 7 years ago
Awesome idea, and that's definitely a bug in the target parser. Thanks for the fix!
I wasn't familiar with aquatone until now, but will be trying it out on my next engagement. From your README, I see you can specify additional ports. Does aquatone pick up any additional protocols other than http? I could see this working really well where aquatone generates the list of subdomains and you can use the --all
flag to scan all known protocols against those discovered subdomains.
I also see there are some pretty specific ports in your scans. If you're looking for default creds on any of those ports, feel free to make an issue or even better a PR for them.
Hi there,
I'm playing around with Changeme, and must say I am thoroughly impressed with the tool!
I am the author of a tool called AQUATONE which is a subdomain enumeration and footprinting toolset, and I wanted to see how well the two tools work together. AQUATONE (more specifically
aquatone-scan
) can generate a file with URLs of a target domain after subdomains have been enumerated and open HTTP ports discovered. The content of the file looks like the following:I attempted to feed this file into Changeme, but discovered that it didn't like the trailing slashes and would generate URLs like so:
I think it would be a pretty badass combo if these two tools work seamlessly together. :)
Cheers.