Pentest Recon Scanners

rofl cake

Contributing Member

DNS recon | Brute forcer | DNS Zone Transfer | Email Enumeration
The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will brute force subdomains using parallel sub processing on the top 20000 of the 'The Alexa Top 1 Million subdomains'. NetCraft results are presented individually and are then compared to the brute force results, any duplications are removed and particularly interesting results are highlighted.
You do not have permission to view link Log in or register now.

Automated Pentest Recon Scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Automatically collects basic recon (ie. whois, ping, DNS, etc.)
Automatically launches Google hacking queries against a target domain
Automatically enumerates open ports
Automatically brute forces sub-domains and DNS info
Automatically runs targeted nmap scripts against open ports
Automatically scans all web applications for common vulnerabilities
Automatically brute forces all open services
You do not have permission to view link Log in or register now.

The RobotsDisallowed project is a harvest of the Disallowed directories from the robots.txt files of the world's top websites--specifically the Alexa 100K.

This list of Disallowed directories is a great way to supplement content discovery during a web security assessment, since the website owner is basically saying "Don't go here; there's sensitive stuff in there!".

It's basically a list of potential high-value targets.
You do not have permission to view link Log in or register now.
Last edited:

Top Bottom