003random 003random

:shipit:
../../../dev/random
View GitHub Profile
#!/usr/bin/env python3
import os, math
def neighbors(matrix, rowNumber, colNumber):
result = []
for rowAdd in range(-1, 2):
newRow = rowNumber + rowAdd
if newRow >= 0 and newRow <= len(matrix)-1:
for colAdd in range(-1, 2):
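# Scan only the ports listed in ports.txt on the first IPv4 address that
# poc-server.com resolves to, then print the port numbers whose nmap output
# line mentions http, https or ssl.
target=$(dig +short poc-server.com | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | head -1)
ports=$(paste -sd "," ports.txt)
# Stop when resolution or the port list came back empty, so nmap is never
# started with a missing target or an empty -p value.
if [ -z "$target" ] || [ -z "$ports" ]; then
  echo "nothing to scan: no IPv4 address for poc-server.com or ports.txt is empty" >&2
else
  # Both values are quoted so that stray whitespace in ports.txt cannot be
  # word-split into an extra target argument.
  # tail -n +2 drops the first matching line; presumably that is nmap's start
  # banner, whose URL also matches "https" -- confirm against real output.
  # cut keeps the text before the first "/", i.e. the port in "443/tcp".
  nmap -p "$ports" "$target" \
    | grep -P "\b(https?|ssl)\b" \
    | tail -n +2 \
    | cut -d '/' -f1
fi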
domain="poc-server.com"
for port in `sed '/^$/d' "ports.txt"`; do
url="$domain:$port"
http=false
https=false
protocol=""
if [[ $(echo "http://$url" | online) ]]; then http=true; else http=false; fi
if [[ $(echo "https://$url" | online) ]]; then https=true; else https=false; fi
003random:~/ $ printf "https://poc-server.com\nhttps://example.com\nhttps://notexisting003.com\nhttp://google.com" | online
https://poc-server.com
https://example.com
http://google.com
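# Scan only the ports listed in ports.txt (one per line, joined with commas)
# on the first IPv4 address that poc-server.com resolves to.
target=$(dig +short poc-server.com | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | head -1)
ports=$(paste -sd "," ports.txt)
# Stop when resolution or the port list came back empty, so nmap is never
# started with a missing target or an empty -p value.
if [ -z "$target" ] || [ -z "$ports" ]; then
  echo "nothing to scan: no IPv4 address for poc-server.com or ports.txt is empty" >&2
else
  # Both values are quoted so that stray whitespace in ports.txt cannot be
  # word-split into an extra target argument.
  nmap -p "$ports" "$target"
fi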
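# Resolve example.com to its first IPv4 address, scan ports 0-10001 on it with
# masscan, and print only the port numbers from masscan's result lines.
target=$(dig +short example.com | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | head -1)
# masscan runs under sudo with stderr discarded, so a failed lookup would
# otherwise start it without a target and fail silently; check first.
if [ -z "$target" ]; then
  echo "nothing to scan: no IPv4 address for example.com" >&2
else
  # 2> /dev/null is kept from the original command; note that it also hides
  # masscan's own error messages.
  # The grep prints the text between "port " and the last "/" on each line.
  sudo /path/to/masscan/bin/masscan "$target" -p0-10001 --rate 1000 --wait 3 2> /dev/null \
    | grep -o -P '(?<=port ).*(?=/)'
fi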
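# Wildcard-DNS check: ask 1.1.1.1 for three labels that should not exist under
# $domain and count the answer lines. More than one line means names that
# should not resolve are resolving, so the zone may carry a wildcard record.
# Expects $domain to be set by the surrounding script (not shown here).
# NOTE(review): dig takes one record type per query; "A,CNAME" may be parsed
# as an extra name to look up rather than as two types -- confirm.
# "$domain" is quoted so that whitespace or glob characters in its value
# cannot become additional dig arguments.
wildcard_answers=$(dig @1.1.1.1 A,CNAME {test321123,testingforwildcard,plsdontgimmearesult}."$domain" +short | wc -l)
if [[ "$wildcard_answers" -gt 1 ]]; then
  echo "[!] Possible wildcard detected."
fi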
# De-duplicate subdomains.txt in place: -u keeps one copy of each line and -o
# writes the sorted result back over the input file.
sort -u -o "subdomains.txt" "subdomains.txt"
# Concatenate the two result lists into subdomains.txt. ">" truncates any
# existing subdomains.txt first, and duplicates are not removed here.
cat wordlist-online.txt subfinder-online.txt >"subdomains.txt"
# Run altdns with subdomains.txt as input (-i) and words.txt as the word list
# (-w); the generated names are written to altdns-wordlist.txt (-o).
python ~/tools/altdns/altdns.py \
  -i "subdomains.txt" \
  -w ~/tools/altdns/words.txt \
  -o "altdns-wordlist.txt"