anonion0 / nsec3map
a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain
☆186Updated last year
Related projects ⓘ
Alternatives and complementary repositories for nsec3map
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆218Updated 2 years ago
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆151Updated last year
- ☆272Updated 3 years ago
- Application and Service Fingerprinting☆131Updated last year
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆141Updated 6 months ago
- It's bloody scantastic☆233Updated 2 years ago
- SSLScrape | A scanning tool for scaping hostnames from SSL certificates.☆329Updated 3 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆341Updated 3 years ago
- Albatar is a SQLi exploitation framework in Python☆132Updated 3 years ago
- An open source intelligence tool to crawl the graph of certificate Alternate Names☆344Updated 8 months ago
- A permutation generation tool written in golang☆206Updated 5 years ago
- (Unofficial) Python API for https://crt.sh☆131Updated 3 years ago
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…☆131Updated last year
- Correlated injection proxy tool for XSS Hunter☆249Updated last year
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …☆220Updated last year
- AWS S3 Bucket/Object Finder☆115Updated 3 years ago
- Second-order subdomain takeover scanner☆378Updated last year
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight☆203Updated 2 years ago
- Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.☆146Updated 4 years ago
- IPFuscator - A tool to automatically generate alternative IP representations☆343Updated 9 months ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆82Updated 5 years ago
- Shell script for testing DNS zone transfer (AXFR query) on domains and subdomains recursively.☆49Updated 3 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆154Updated 2 years ago
- Asynchronous wordlist based DKIM scanner☆56Updated 3 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆280Updated 3 months ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated 2 years ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆530Updated 2 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆201Updated last year
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆98Updated 10 months ago
- A highly configurable Framework for easy automated web scanning☆364Updated 4 years ago