Pentest Recon Scanners

rofl cake

Well-Known Member
Joined
May 25, 2015
Messages
207
Likes
448
Points
108
#1

BLUTO
DNS recon | Brute forcer | DNS Zone Transfer | Email Enumeration
ABOUT:
The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will brute force subdomains using parallel sub processing on the top 20000 of the 'The Alexa Top 1 Million subdomains'. NetCraft results are presented individually and are then compared to the brute force results, any duplications are removed and particularly interesting results are highlighted.
You do not have permission to view link Log in or register now.



Automated Pentest Recon Scanner
ABOUT:
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
Code:
FEATURES:

Automatically collects basic recon (ie. whois, ping, DNS, etc.)
Automatically launches Google hacking queries against a target domain
Automatically enumerates open ports
Automatically brute forces sub-domains and DNS info
Automatically runs targeted nmap scripts against open ports
Automatically scans all web applications for common vulnerabilities
Automatically brute forces all open services
You do not have permission to view link Log in or register now.



RobotsDisallowed
ABOUT:
The RobotsDisallowed project is a harvest of the Disallowed directories from the robots.txt files of the world's top websites--specifically the Alexa 100K.

This list of Disallowed directories is a great way to supplement content discovery during a web security assessment, since the website owner is basically saying "Don't go here; there's sensitive stuff in there!".

It's basically a list of potential high-value targets.
You do not have permission to view link Log in or register now.
 
Last edited:

Top