Maecenas sollicitudin

California, United States.

Fusce et diam ornare:

[email protected]

Sed ut sem

Nec-Vel: 9.30am To 7.00pm

Tomnomnom github

GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. If nothing happens, download GitHub Desktop and try again. If nothing happens, download Xcode and try again. If nothing happens, download the GitHub extension for Visual Studio and try again. It can be used to fetch many paths for many hosts; fetching one path for all hosts before moving on to the next path and repeating.

If you have Go 1. Without any arguments, meg will read paths from a file called. There will also be no output:. You can use the index file to find where the response is stored, but it's often easier to find what you're looking for with grep :. By default meg will attempt to make 20 concurrent requests. You can change that with the -c or --concurrency option:.

It's not very friendly to keep the concurrency level higher than the number of hosts - you may end up sending lots of requests to one host at once. By default meg will wait milliseconds between requests to the same host. You can override that with the -d or --delay option:. Warning: before reducing the delay, ensure that you have permission to make large volumes of requests to the hosts you're targeting.

tomnomnom github

You can set additional headers on the requests with the -H or --header option:. You can use the -r or --rawhttp flag to enable use of the rawhttp library, which does little to no validation on the request:.

The rawhttp library and its use is experimental. Amongst other things it doesn't yet support chunked transfer encoding, so you may notice chunk lengths interspersed with your output if you use it.

If you only want to save results that returned a certain status code, you can use the -s or --savestatus option:. Skip to content. Dismiss Join GitHub today GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

Sign up. Fetch many paths for many hosts - without killing the hosts. Go Shell. Go Branch: master. Find file. Sign in Sign up. Go back. Launching Xcode If nothing happens, download Xcode and try again. Latest commit. Latest commit 9daab00 Dec 4, You get lots of results quickly, but non of the individual hosts get flooded with traffic.

Install meg is written in Go and has no run-time dependencies.By default, the Golang Docker container at its smallest is MB.

While seemingly small, this can result in annoying latency and slowness when deploying new tooling at scale. In this article I show you how to create small containers that use up to date tools. I'll use the tool waybackurls from tomnomnom as an example. Typically, we would create a Dockerfile that looks like the following for our desired Golang tool. While this works perfectly, our resulting Docker image is MB. We need to explore other features of Docker to create a smaller container. One of the most challenging things about building images is keeping the image size down.

In Docker version This feature is often referred to as multi-stage builds. It allows us to use an intermediary container to build an up to date version of our Golang tool and then move it into a much smaller container. You'll find that this is extremely useful when creating containers used for every day penetration testing work. Small containers help us scale our operations and continuously engage with new tooling.

Learn more: Docker multi-stage builds. Become a ninja: Advanced multi-stage builds. Traditional Dockerfile Creation Typically, we would create a Dockerfile that looks like the following for our desired Golang tool. Dockerfile as builder One of the most challenging things about building images is keeping the image size down.

That is big improvement! Conclusion You'll find that this is extremely useful when creating containers used for every day penetration testing work.

Bug Bounty Hunting - Tools I Use

References This feature of Docker has quite a lot more to it that wasn't mentioned here. Learn more: Docker multi-stage builds Become a ninja: Advanced multi-stage builds - Nicholas Anastasi.Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way.

How Sudomy Works. This process fully leverages multi processors, more subdomains will be collected with less time consumption. Linux apt-get install jq nmap phantomjs Mac brew cask install phantomjs brew install jq nmap. Running in a Docker Container. Post Installation. Saturday, April 18, Kali Linux Tutorials. How to Install Metasploitable3 on Windows Must Need. Linumonk - December 15, 0. The Internet is no longer a luxury.

It is a part of our daily lives and imagining life without it seems impossible Ranjith - October 22, 0. Dirstalk is a multi threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the ones Ranjith - January 29, 0. Given an email address or username, socialscan returns whether it is Ranjith - May 31, 0. Following are the features. Ranjith - September 25, 0. Vboxdie Cracker is a virtual box disk image encryption password cracker.

Ranjith - December 11, 0. ReconPi is a lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi. Ranjith - March 18, 0. Zelos is a comprehensive binary emulation platform. One use of Kalilinuxtutorials is medium to index Penetration Testing Tools. Contact us: admin kalilinuxtutorials.Sign up for your own profile on GitHub, the best place to host code, manage projects, and build software alongside 40 million developers.

Learn more about blocking users. Learn more about reporting abuse. Make JSON greppable! Go Find domains and subdomains related to a given domain. Fetch many paths for many hosts - without killing the hosts. A collection of hacks and one-off scripts. Seeing something unexpected? Take a look at the GitHub profile guide. Skip to content. Dismiss Create your own GitHub profile Sign up for your own profile on GitHub, the best place to host code, manage projects, and build software alongside 40 million developers.

Sign up. Taking it easy. Tom Hudson tomnomnom. Open-source tool maker, trainer, talker, fixer, eater, not really a sheep. Block or report user Report or block tomnomnom. Hide content and notifications from this user.

Learn more about blocking users Block user. Learn more about reporting abuse Report abuse. Sponsoring View all. Overview Repositories 94 Projects 0 Stars Followers 2. Popular repositories gron.

Learn how we count contributions. Less More. You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window.GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

If nothing happens, download GitHub Desktop and try again. If nothing happens, download Xcode and try again. If nothing happens, download the GitHub extension for Visual Studio and try again.

You can add additional probes with the -p flag by specifying a protocol and port pair:. You can change the timeout by using the -t flag and specifying a timeout in milliseconds:.

You'll need to specify the probes you do want using the -p flag:. You can do that with the --prefer-https flag:. Run the container, passing the contents of a file into stdin of the process inside the container. Skip to content. Dismiss Join GitHub today GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

tomnomnom github

Sign up. Go Shell Dockerfile. Go Branch: master. Find file. Sign in Sign up. Go back. Launching Xcode If nothing happens, download Xcode and try again. Latest commit. Latest commit Apr 11, You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Adds release script. Mar 24, Adds dialer and timeout tweaks; gofmt run.

Jul 26, Oct 28, Oct 7, Adds --prefer-https method. Apr 11, GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

If nothing happens, download GitHub Desktop and try again. If nothing happens, download Xcode and try again. If nothing happens, download the GitHub extension for Visual Studio and try again. If you have Go installed and configured i. Otherwise download a release for your platform. Skip to content. Dismiss Join GitHub today GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. Sign up. Find domains and subdomains related to a given domain.

Go Shell. Go Branch: master. Find file. Sign in Sign up. Go back. Launching Xcode If nothing happens, download Xcode and try again. Latest commit. Latest commit 4e95d87 Apr 15, Install If you have Go installed and configured i. You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Jun 23, Add references to documentation for APIs. Oct 25, Adds guard check for bufferoverrun responses; fixes Jan 20, Fixed crtsh result processing.

Jul 18, Use both the subdomains and subdomains-aggregate endpoints. Jun 25, Moves subsOnly check to calling goroutine; fixes Apr 15, Adds ability to read domains from stdin for patrikf :. Jun 24, Tom had just arrived back at the office after a trip to down south.

He'd been to a dinner in London; helping HackerOne give new and prospective customers advice on their bug bounty programs.

With the few emails he'd received responded to: he span in his chair, sipping at his coffee, wondering how to best to limber up his brain into 'work mode' after a night of free drinks. His aging neurons creaked and groaned; there was something he'd seen the day before that he wanted to try, but he couldn't quite remember what it might be - was it a new JavaScript libary?

The CTF! The last one was fun - save for the whole 'invalid JSON' debacle - so surely that would be the perfect thing to get his mental gears turning smoothly. He switched to his web browser, found the tweet and followed the link:. An engineer of acme. He added a tripwire that notifies him when the flag file is read. Your goal?

Read the flag! He clicked the link. The default Apache page filled the browser window; he smiled slightly - to him the default page was a sign of a brand new server, he could practically smell that new-server smell.

Nothing; s were all he saw. A different port then, maybe? Time for the terminal; he always felt more at home when his screen was filled with text.

Sudomy : Subdomain Enumeration Tool Created Using A Bash Script

Ports 22 and No dice. He leant back in his chair and took a deep breath. He tried probing the SSH port but decided there was nothing interesting to be found there quicker than you can type ssh -vvv. What else might hide this machine's true purpose in life? Port knocking? Even Jobert wasn't that evil.

tomnomnom github

Virtual hosts! Name-based virtual hosts! He had thought it suspect that only an IP address was given. It was time to probe some more. The many hours spent reverse-engineering undocumented APIs from vendors streamed through his brain. Why would the request not be acceptable? Oh; the content-type. That wasn't it. Perhaps it's fetching data from the domain? He logged into CloudFlare and configured a new subdomain: He pointed it at a server that returned simply:.

Some wild data appears! It looked base64 encoded, so with a bit some help from jq and his faithful companion bash he decoded it:.


Dile

comments so far

Zulkigal Posted on 10:12 pm - Oct 2, 2012

Ich berate Ihnen, die Webseite, mit der riesigen Zahl der Artikel nach dem Sie interessierenden Thema anzuschauen.