assetfinder - Find Related Domains and Subdomains
source link: https://www.darknet.org.uk/2021/12/assetfinder-find-related-domains-and-subdomains/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more.
assetfinder uses a variety of sources including those in the infosec space and social networks which can give relevant info:
- crt.sh
- certspotter
- hackertarget
- threatcrowd
- wayback machine
- dns.bufferover.run
- facebook – Needs FB_APP_ID and FB_APP_SECRET environment variables set (https://developers.facebook.com/) and you need to be careful with your app’s rate limits
- virustotal – Needs VT_API_KEY environment variable set (https://developers.virustotal.com/reference)
- findsubdomains – Needs SPYSE_API_TOKEN environment variable set (the free version always gives the first response page, and you also get “25 unlimited requests”) — (https://spyse.com/apidocs)
Sources to be implemented:
- http://api.passivetotal.org/api/docs/
- https://community.riskiq.com/ (?)
- https://riddler.io/
- http://www.dnsdb.org/
- https://certdb.com/api-documentation
Usage of assetfinder to Find Related Domains and Subdomains
The usage is very simple with only one option basically, to limit the search to subdomains only – by default it will scan for all associated domains and subdomains.
Installing assetfinder to Find Related Domains and Subdomains
If you have Go installed and configured (i.e. with $GOPATH/bin
in your $PATH
):
Another similar and recent tool that uses many of these sources and more and is also worth checking out is The OWASP Amass Project- DNS Enumeration, Attack Surface Mapping & External Asset Discovery.
You can download assetfinder here:
Source: assetfinder-master.zip
Linux: assetfinder-linux-386-0.1.1.tgz
Windows: assetfinder-windows-386-0.1.1.zip
Or read more here.
Posted in: Hacking Tools
Latest Posts:
assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
No comments yet.
Leave a Reply Click here to cancel reply.
Name (required)
Email (will not be published) (required)
Website
Recommend
-
73
About Sublist3r Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdom...
-
64
GitHub is where people build software. More than 28 million people use GitHub to discover, fork, and contribute to over 80 million projects.
-
64
README.md brute
-
83
README.md SubFinder
-
74
README.md SubFinder
-
16
The Vulnerability Prior to this advisory, it was possible to register homograph domain names on gTLDs (.com, .net, etc.) as well as subdomains within some SaaS...
-
6
DNS Hijacking – Taking Over Top-Level Domains and Subdomains / January 19, 2021
-
5
assetfinder Find domains and subdomains potentially related to a given domain. Install If you have Go installed and configured (i.e. with $GOPATH/bin in your $PATH): go get -u...
-
5
How Hackers Attack Subdomains and How to Protect ThemJuly 14th 2021 new story10
-
1
assetfinder – Find Related Domains and Subdomains Last updated: December 30, 2021 | 1,919 views assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK