Personal use, paths assumed to exist.
- postgresql
- sunny cli util to gather metadata of an ip
- hacks cli utils to handle structured data (nmap xml, ip address ranges, etc)
- nmap
- amass
- nikto
- massdns
- subjack
- aquatone
- hakwarwler
- SubDomanizer
- uriinteresting
- unfurl
- zonemaster
- oneforall
- trusttrees
get subdomains from domain
bruteforces domain using jhaddix all.txt
resolves subdomains found + tries some variations and subdomains from siblings
ping scan ips found and get basic informations from them, like if they belong to cloud providers
nmap TCP, UDP and TCPFULL just to discover open ports
cleanup resolvers version of IPs from massdns based on cleanupresolvers.sh
generates the report for possible tlds for said domain
version that does not contain comments, explicit wildcards and non-explicit ones
generates a new clean_public_suffix_list.dat
contains only domains that have wildcard from public_suffix.dat