Domained - Multi Tool Subdomain Enumeration

A domain name

You do not have permission to view link Log in or register now.

tool
The tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ng
domained uses several

You do not have permission to view link Log in or register now.

tools and wordlists to create a unique list of subdomains that are passed to

You do not have permission to view link Log in or register now.

for reporting with categorized screenshots, server response headers and signature based default credential checking. (resources are saved to ./bin and output is saved to ./output)

Initial Install:

• domained tools: python3 domained.py --install
• Python required modules: sudo pip install -r ./ext/requirements.txt

Other Dependencies:

• You do not have permission to view link Log in or register now.
  library for DNS programming:
  • sudo apt-get install libldns-dev -y
• You do not have permission to view link Log in or register now.
  Programming Language:
  • sudo apt-get install golang

NOTE: This is an active recon – only perform on applications that you have permission to test against.

Tools leveraged:

Subdomain Enumeraton Tools:

1. You do not have permission to view link Log in or register now.
   by Ahmed Aboul-Ela
2. You do not have permission to view link Log in or register now.
   by Jason Haddix
3. You do not have permission to view link Log in or register now.
   by Gianni Amato
4. You do not have permission to view link Log in or register now.
   by TheRook
5. You do not have permission to view link Log in or register now.
   by B. Blechschmidt
6. You do not have permission to view link Log in or register now.
   by Tim Tomes (LaNMaSteR53)
7. You do not have permission to view link Log in or register now.
   by Jeff Foley (caffix)
8. You do not have permission to view link Log in or register now.
   by by Ice3man543

Reporting + Wordlists:

• You do not have permission to view link Log in or register now.
  by ChrisTruncer
• You do not have permission to view link Log in or register now.
  (DNS Recon List) by Daniel Miessler
• You do not have permission to view link Log in or register now.
  by Jason Haddix

Usage:

First Step



Install Required Python Modules: sudo pip install -r ./ext/requirements.txt
Install Tools: sudo python3 domained.py --install

Example 1: python3 domained.py -d example.com
Uses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)

Example 2: python3 domained.py -d example.com -b -p --vpn
Uses subdomain example.com with seclist subdomain list

You do not have permission to view link Log in or register now.

(massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN

Example 3: python3 domained.py -d example.com -b --bruteall
Uses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)

Example 4: python3 domained.py -d example.com --quick
Uses subdomain example.com and only Amass and SubFinder

Example 5: python3 dom ained.py -d example.com --quick --notify
Uses subdomain example.com, only Amass and SubFinder and notification

Example 6: python3 domained.py -d example.com --noeyewitness
Uses subdomain example.com with no EyeWitness

Note: --bruteall must be used with the -b flag