一、工具背景
Dome是一款开源子域名搜索工具。使用python开发,可进行主动或被动扫描以获取子域并搜索开放端口。
下载地址:https://github.com/v4d1/Dome.git
二、工具使用语法
快速开始
python dome.py -m passive -d domain
工具语法:
| 命令参数 | 简述 | 例子 |
|---|---|---|
| -m, --mode | Scan mode. Valid options: active or passive | active |
| -d, --domain | Domains name to enumerate subdomains (Separated by commas) | hackerone.com,facebook.com |
| -w, --wordlist | Wordlist containing subdomain prefix to bruteforce | subdomains-5000.txt |
| -i, --ip | When a subdomain is found, show its ip | |
| --no-passive | Do not use OSINT techniques to obtain valid subdomains | |
| -nb, --no-bruteforce | Dont make pure bruteforce up to 3 letters | |
| -p, --ports | Scan the subdomains found against specific tcp ports | 80,443,8080 |
| --top-100-ports | Scan the top 100 ports of the subdomain (Not compatible with -p option) | |
| --top-1000-ports | Scan the top 1000 ports of the subdomain (Not compatible with -p option) | |
| --top-web-ports | Scan the top web ports of the subdomain (Not compatible with -p option) | |
| -s, --silent | Silent mode. No output in terminal | |
| --no-color | Dont print colored output | |
| -t, --threads | Number of threads to use (Default: 25) | 20 |
| -o, --output | Save the results to txt, json and html files | |
| --max-response-size | Maximun length for HTTP response (Default:5000000 (5MB)) | 1000000 |
| --r, --resolvers | Textfile with DNS resolvers to use. One per line | resolvers.txt |
| -h, --help | Help command | |
| --version | Show dome version and exit | |
| -v, --verbose | Show more information during execution |
三、工具效果
3608
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
