GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → BitTheByte → Domainker

BitTheByte / Domainker

Licence: other
BugBounty Tool

Programming Languages

python
139335 projects - #7 most used programming language

Labels

crawlercodecheckerinjectionhackingsubdomainrceresponsebugbountystruts2bbhacking-toolbugcrowdhackeroneh1sudomains

Projects that are alternatives of or similar to Domainker

PayloadsAll
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-22.5%)
Mutual labels:  rce, bugbounty, bugcrowd, hackerone
dora
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (+472.5%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+3830%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Eagle
Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+112.5%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Stars: ✭ 34 (-15%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Ssti Payloads
🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (+275%)
Mutual labels:  code, injection, bugbounty
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+8377.5%)
Mutual labels:  subdomain, bugbounty, hacking-tool
credcheck
Credentials Checking Framework
Stars: ✭ 50 (+25%)
Mutual labels:  bugbounty, bugcrowd, hackerone
boxer
Boxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-62.5%)
Mutual labels:  bugbounty, hacking-tool
fleex
Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
Stars: ✭ 181 (+352.5%)
Mutual labels:  bugbounty, hacking-tool
HostPanic
Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-42.5%)
Mutual labels:  bugbounty, hacking-tool
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1095%)
Mutual labels:  subdomain, bugbounty
ras-fuzzer
RAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (+5%)
Mutual labels:  subdomain, bugbounty
Jasmin-Ransomware
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+110%)
Mutual labels:  bugbounty, hacking-tool
lit-bb-hack-tools
Little Bug Bounty & Hacking Tools⚔️
Stars: ✭ 180 (+350%)
Mutual labels:  bugbounty, hacking-tool
AttackSurfaceManagement
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+12.5%)
Mutual labels:  bugbounty, hacking-tool
Sub-Drill
A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (+75%)
Mutual labels:  subdomain, bugbounty
BugHunterID
Para pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (+80%)
Mutual labels:  bugbounty, hackerone
NodeJS-Red-Team-Cheat-Sheet
NodeJS Red-Team Cheat Sheet
Stars: ✭ 121 (+202.5%)
Mutual labels:  injection, rce
Discord-Nitro-BruteForce
simple discord nitro code generator and checker written in c#
Stars: ✭ 26 (-35%)
Mutual labels:  code, checker
View All Similar Projects ➔

Domainker

Setup

Python pypi package got removed. if you want to use this tool follow the steps below

  • Manual setup
git clone https://github.com/BitTheByte/Domainker
cd Domainker
pip install -r requirements.txt
python domainker.py

How to use

I developed this tool to be easily managed and upgraded so i created it as small plugin systems connected together

Plugins and usage

lib\plugins\experimental\cache_poisoning.py : [--cache-poisoning] Check if the host is vulnerable to cache poisoning
lib\plugins\crlf.py   : [--crlf] Check if Host is Vulnerable To CRLF
lib\plugins\port.py   : [--ports] Scan for most common open ports. You can also use your own ports --ports 123,456,789
lib\plugins\aws.py    : [--aws] Check if The Target is found on Amazon + Automatic uploading
lib\plugins\cname.py  : [--dns] Return Target cname
lib\plugins\url.py    : [--url] Return Target Response Code [See the options for more details]
lib\plugins\struts.py : [--struts] Attack Struts [CVE-2018-11776]
lib\plugins\put.py    : [--put] Check if [PUT] Method is Enabled
lib\plugins\spf.py    : [--spf] Check For SPF Record

Basic usage

$ domainker -i google.com [.. Plugins]
$ domainker -d mydomains_list.txt [.. Plugins]
$ domainker -d mydomains_list.txt --url
$ domainker -d mydomains_list.txt --dns

You could also use multiple plugins at the same time

$ domainker -d mydomains_list.txt --url --dns --aws ...
$ domainker -i google.com --url --dns --aws ...

Options

$ domainker --help
  • Create output file [--output/-o file_name]
  • Threads count [--threads/-t number]
  • Interesting files search [--interesting-files/-F] [--url / --all required]
  • Thread timeout [--thread-timeout/-T seconds]
  • Request timeout [--request-timeout/-rt seconds]

Format

I want to add different formats at the future but currently this tool only supports this formats for the input file

https://sub.domain.com  
http://sub.domain.com  
sub.domain.com  
.sub.domain.com

Which generated by:

  • amass
  • aquatone (hosts.txt)
  • subfinder
  • sublist3r
    ... and many other subdomain finders

Contributors

FAQ

[Q] Why it's called Domainker?
[A] Originally this was a just checker script for domain availability so the name was originated from [Domain-Checker]

[Q] What is the tool for?
[A] This tool for bugbounty hunters to help them automate the boring tasks and find some low hanging bugs

[Q] Which Python version should i use?
[A] Python 2.7.16 (recommended) or Python 3.7.*

[Q] Does this tool support Python 3 ?
[A] Yes, Starting from 06/11/2019 python 3 is supported

[Q] I have an idea for you, what should i do?
[A] If you have already implemented your idea please make a pull request if not or don't know how to do it please open a new issue describing your idea in it

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].