- May 25, 2015
DNS recon | Brute forcer | DNS Zone Transfer | Email Enumeration
The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will brute force subdomains using parallel sub processing on the top 20000 of the 'The Alexa Top 1 Million subdomains'. NetCraft results are presented individually and are then compared to the brute force results, any duplications are removed and particularly interesting results are highlighted.
Automated Pentest Recon Scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
FEATURES: Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports Automatically brute forces sub-domains and DNS info Automatically runs targeted nmap scripts against open ports Automatically scans all web applications for common vulnerabilities Automatically brute forces all open services
The RobotsDisallowed project is a harvest of the Disallowed directories from the robots.txt files of the world's top websites--specifically the Alexa 100K.
This list of Disallowed directories is a great way to supplement content discovery during a web security assessment, since the website owner is basically saying "Don't go here; there's sensitive stuff in there!".
It's basically a list of potential high-value targets.