si9int / Acamar
Licence: mit
A Python3 based single-file subdomain enumerator
Stars: ✭ 89
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Acamar
Dictionary Of Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+452.81%)
Mutual labels: subdomain, pentesting, bugbounty
Subover
A Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+582.02%)
Mutual labels: subdomain, pentesting, bugbounty
sub404
A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+130.34%)
Mutual labels: subdomain, pentesting, bugbounty
Subjack
Subdomain Takeover tool written in Go
Stars: ✭ 1,194 (+1241.57%)
Mutual labels: subdomain, pentesting, bugbounty
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+471.91%)
Mutual labels: pentesting, bugbounty
Information collection handbook
Handbook of information collection for penetration testing and src
Stars: ✭ 447 (+402.25%)
Mutual labels: subdomain, pentesting
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+507.87%)
Mutual labels: pentesting, bugbounty
Security whitepapers
Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+623.6%)
Mutual labels: pentesting, bugbounty
Privesc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+783.15%)
Mutual labels: pentesting, bugbounty
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+379.78%)
Mutual labels: pentesting, bugbounty
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+994.38%)
Mutual labels: subdomain, bugbounty
Bugcrowd Levelup Subdomain Enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+476.4%)
Mutual labels: subdomain, pentesting
Metabigor
Intelligence tool but without API key
Stars: ✭ 424 (+376.4%)
Mutual labels: pentesting, bugbounty
Top25 Parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+335.96%)
Mutual labels: pentesting, bugbounty
Offensive Docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+268.54%)
Mutual labels: pentesting, bugbounty
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+315.73%)
Mutual labels: subdomain, pentesting
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+865.17%)
Mutual labels: pentesting, bugbounty
Acamar
A Python3 based single-file subdomain enumerator (with barely dependencies; BeautifulSoup is required tho).
[1] Another.. Why?
Because I had some issues with other solutions and always try to expand my own toolset instead of using tools made by other people. You can learn a lot about different things!
[2] Is it better?
I doubt, but it enumerates 14 online services successfully and didn't implement performance-heavy services like WaybackMachine, Archive.is or Baidu. It's neither multi-threaded but finishes every time under a minute. Here is a PRO/CONTRA:
Note: I will re-code the script due it's popularity
- Pro: single-file, Python3 based, low-dependency, no API keys, I will enhance this project ;-)
- Contra: single-threaded, probably missing something, no fancy interface stuff, no DNS bruteforce (future release)
[3] How to install?
Method 1: This script requires only "requests" and "beautifulsoup4", if don't have them already:
pip install beautifulsoup4
pip install requests
Method 2: It's also possible to install all dependencies using requirements.txt:
pip install -r requirements.txt
[4] I wanna use it, how?
python3 acamar.py [domain]
[5] Example
python3 acamar.py twitter.com
[..]
service01.dmz1.twitter.com
partnerdata01.dmz1.twitter.com
www01.dmz1.twitter.com
www02.dmz1.twitter.com
spiderduck01.dmz1.twitter.com
spiderduck02.dmz1.twitter.com
spiderduck03.dmz1.twitter.com
[!] Counting 753 unique subdomains
The result will be saved in the same directory under a filename called [domain].txt within the results folder.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].