Recon Automation with Sub Num Num

-
I'd like to start things off with I am NOT a coder...

 .. but I wrote a very simple script to help automate some of my Recon for Sub-domains. Doing this manually is a huge under taking and of course time consuming. This is just the beginning of the horribly named script "Sub Num Num"





But what's it do?
This script reaches out to cert.sh and certspotter checking for valid sub-domains - next it runs a quick  probe on (80,443) We are then left with valid targets to begin a deeper dive.(Directory brute forcing etc..)

You can access the current code here.. https://github.com/atomixgray/subnumnum

Installation (note GoLang is needed for the httprobe)
If you have git installed
1.) sudo git clone https://github.com/atomixgray/subnumnum.git
2.) chmod +x subnumnum.sh

Lets do a quick hunt on gemini.yahoo.com (There is currently a public bounty on this Sub)


























Comments and suggestions are more than welcome!


Comments

  1. AnonymousJanuary 24, 2022 at 9:43 AM

    188bet.com: online casino for sports betting & eSports betting
    Bet on esports, eSports, Baccarat and all your favourite sports william hill in one app. We have a huge selection of online casinos & live 188bet casino games! Rating: 4.3 · ‎Review by ThTopBet

    ReplyDelete

Post a Comment

Popular posts from this blog

CyberArk Automation

-
Image
Tonight we are working on some CyberArk automation inside of VsCode.   The building and provisioning of safes can become cumbersome when you're enrolling several hundred users a week. With the help of an amazing PowerShell module by PSPETE  we can make quick work of this. Revision 1.0 of this script will do the following. 1.) Create Users Safe 2.) Add users network account to safe with customizable permissions 3.) Add a local CyberArk support account group with customizable permissions 4.) Add Vault Admin group for more support options with customizable permissions 5.) Add Users (new) Privileged account into their newly created safe. 6.) Run a Reconcile on the account to bring into CyberArk management. .   I will upload everything to  https://github.com/atomixgray/cyberark/  after a little more testing. Revision 2.0 will include an option for bulk uploading users via a CSV file.
Read more

Anomali STAXX and Hail a Taxii

-
Image
Today we are going to add a new feed to our Anomali Threat Server.   Called Hail a Taxii Anomali makes this process extremely easy. Login to your Anomali STAXX server Then click the setting tab in the upper right corner. This will bring you to the site where you can add your new Feed. As you can see I already have 3 feeds added - the default Limo, Alien Vault OTX, and IBM X-Force. Click on Add Site in the upper right. The Add New Site Window is launched. For the Description I've added "Hail A TAXII" and the Discovery location is simply the poll location for Hail A TAXII   "http://hailataxii.com/taxii-discovery-service"  Username: guest  Password: ***** Click on Add Site / Discover (depending on the version you're running) Once the Discover process is complete your left with several new Feeds to add to your arsenal I've enabled all the above Feeds and ran a quick Poll. As you can see below we have started to collect Intel "data...
Read more