Pentest Recon Scanners

rofl cake

May 25, 2015

BLUTO
DNS recon | Brute forcer | DNS Zone Transfer | Email Enumeration

ABOUT:
The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will brute force subdomains using parallel sub processing on the top 20000 of 'The Alexa Top 1 Million subdomains'. NetCraft results are presented individually and are then compared to the brute force results; any duplications are removed and particularly interesting results are highlighted.
Download


Automated Pentest Recon Scanner
ABOUT:
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
FEATURES:

Automatically collects basic recon (i.e. whois, ping, DNS, etc.)
Automatically launches Google hacking queries against a target domain
Automatically enumerates open ports
Automatically brute forces sub-domains and DNS info
Automatically runs targeted nmap scripts against open ports
Automatically scans all web applications for common vulnerabilities
Automatically brute forces all open services
Download


RobotsDisallowed
ABOUT:
The RobotsDisallowed project is a harvest of the Disallowed directories from the robots.txt files of the world's top websites--specifically the Alexa 100K.

This list of Disallowed directories is a great way to supplement content discovery during a web security assessment, since the website owner is basically saying "Don't go here; there's sensitive stuff in there!".

It's basically a list of potential high-value targets.
Download
 