Giter Site home page Giter Site logo

fuzsub's Introduction

FuzSub V2.0

  • AppName: FuzSub(Fuzz Sub-domain)
  • Create: 2015-04-08
  • Author: Dave, AAA

FuzSub可以通过用户输入的域名进行自动化Fuzz,并可根据用户自身需求选择爆破方式。例如:

➜  FuzSub git:(master) python fuzz.py alitrip.com
[*] FuzSub is hot.
[*] Target: alitrip.com
[+] Name Server:  ['ns4.taobao.com', 'ns5.taobao.com', 'ns6.taobao.com', 'ns7.taobao.com']
[*] Checking: alitrip.com NS: ns4.taobao.com
[*] Checking: alitrip.com NS: ns5.taobao.com
[*] Checking: alitrip.com NS: ns6.taobao.com
[*] Checking: alitrip.com NS: ns7.taobao.com
[*] < alitrip.com > FUZZING...
[*] Pan Analysis: [['sh.wagbridge.alitrip.com'], ['140.205.230.45']]
[+] <Found> 1111.alitrip.com	['113.107.235.241', '113.107.235.242', '113.107.239.108', '113.107.239.109', '183.61.180.195', '183.61.180.236']
[+] <Found> 61.alitrip.com	['119.147.69.236', '119.147.70.253', '121.14.89.253', '183.61.241.252']
[+] <Found> australia.alitrip.com	['140.205.250.51']
[+] <Found> bzy.alitrip.com	['106.11.55.235']
[+] <Found> decision.alitrip.com	['10.150.71.130']
...
[*] Done!
[*] Total Time Consumption: 0s

TODO

  • 尝试控制域名枚举深度,即递归枚举到N级域名

Usage

pip install -r requirements.txt

安装完Python的相关支持库之后就可以直接食用。

# 一级域名枚举
python fuzz.py qq.com
# 无穷极域名枚举
python fuzz.py qq.com full

Feature

  • 支持Python 2.7 & 3.0+
  • 支持域传送漏洞检测
  • 较完美解决泛解析误报问题
  • 高效节能环保(在网络环境较好的情况80s跑完2.4W子域名)
  • 支持递归子域名枚举,即无穷级子域名爆破(python fuzz.py full)

Note

  • config.py中设定线程数和DNS服务器
  • 默认进程数为50,可以根据自己机器的性能进行在源代码内进行调整。
  • 采用Gevent模式进行爆破提高效率

fuzsub's People

Contributors

davexpro avatar tiany avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.