Recon is the most important part of hunting, be it subdomain extraction using wordlist or content discovery once you have fixed your target for hunting.
For both the above-mentioned work you need a wordlist which will help in identifying the potential assets.
Now to brute force a target for its content or domain for both the thing wordlist plays an important role. There are several tools available in open source which can be used for this purpose:
List of tools which I prefer to use for this purpose:
Apart from the above mentioned popular tool one of the tool which have coded for my customized purpose
Subdomain Lister Author: AMYRAHM ★ Description: Simple shell script For Searching Subdomain And save results ★…
The tool above I coded follows a simple script where it can give you out a list of subdomains on the supplied wordlist or default wordlist.
Demo of my tool:
So it is very important to how to enrich your wordlist, In this article, I have tried to address one of aspect that creating your wordlist based on CMS.which then can be used in different content discovery tool.
I have put up my tool over GitHub again for mass use and at the same time welcoming all if you could improve/customized it according to your usage.
This simple python tool can help one to create custom word-list based on CMS repo Usage: It will ask you the CMS for…
Demo for tool:
I hope you all can benefit from this work of mine!!. Do let me know about views in the comment section and what all improvement you want here.
Thanks for your time.
I will take a minute to pay respect to my seniors((Twitter handle:@zerodayguys)) in the field who have constantly encouraged/helped me in achieving my goals.