Comments (7)
I think mainly time is taken in shuffleDNS Sub Domains Brute Forcing and JS Files Extractions!
Both of them are very slow!
I tried on a very small scope program this both caused it to take around 4 hrs!
from reconftw.
- GitDorker could be an option.
- GitGraber could be an option.
- GitGot is interactive.
- Gitleaks requires target repository.
- Gitminer requires setting GitHub cookie manually.
- Trufflehog requires target repository.
- Gitrob, web interface, requires git user/organization as target.
- Git-hound requires 2FA input.
from reconftw.
What is the main problem with git-hound?
from reconftw.
Just make some research in terms of results and speed
from reconftw.
Thanks for the feedback @hackingguy can you tell us what is exactly a very small scope? How many subdomains resolved? I have been testing for a "small scope" <30 subs alive and it takes 25 min. It's right JS subs scraping takes too much and that's why we set a max time of 10m for this step.
from reconftw.
Target z***.com: 23 probed links
santaHog
antahog --regex --entropy --pypi santaHog
Works only agianst pypi or npm packages .
git-hound
truffleHogRegexes
- These are the regexes that power truffleHog
truffleHog
truffleHog --regex --entropy=True git_url="https://github.com/dxa4481/truffleHog.git"
installed via pip3 but throws errors:
File "/home/xxxx/.local/lib/python3.8/site-packages/git/cmd.py", line 408, in wait
raise GitCommandError(self.args, status, errstr)
git.exc.GitCommandError: Cmd('git') failed due to: exit code(128)
cmdline: git clone -v git_url=https://github.com/dxa4481/truffleHog.git /tmp/tmpu4hbpnjl
stderr: 'Cloning into '/tmp/tmpu4hbpnjl'...
fatal: protocol 'git_url=https' is not supported
from reconftw.
Done dfbdee3
from reconftw.
Related Issues (20)
- Skip Failed step instead of exiting
- Errror when run ./install.sh HOT 1
- ##### ERROR [628][domain_info|recon|all|main] timeout -k 1m ${AMASS_INTEL_TIMEOUT}m amass intel -d ${domain} -whois -timeout $AMASS_INTEL_TIMEOUT -o osint/domain_info_reverse_whois.txt 2>> "$LOGFILE" >> /dev/null ##### HOT 1
- Docker run command not formatted correctly
- running install.sh wipes .zshrc file
- Why is the tool using Amass v3 instead of the latest v4? HOT 1
- The Amass config.ini is empty HOT 1
- When start scanning Internet is Disconnect HOT 5
- Introduce Smart Rate Control for Script Efficiency HOT 1
- xnLinkFinder BUG HOT 3
- Missing `grep $domain` Command in `webprobe_full()` Function HOT 1
- I need a For Home Internet CFG File.
- Go tools don't install properly HOT 1
- /root/reconftw/reconftw.cfg: line 56: 3RD_PARTIES=true: command not found HOT 3
- tool stuck on "searching for 3rd party misconfigurations" HOT 1
- p1radup script is missing in ./install.sh and ./reconftw don't warn of missing p1radup tool before launch. HOT 1
- Add IP2WHOIS API as an option to query WHOIS data HOT 1
- Not having /root/Tools/.github_tokens HOT 3
- Third parties misconfigurations: Invalid Escape Sequence HOT 4
- AMASS config.ini empty HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reconftw.