AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can scan the hosts for common web ports; HTTP headers, HTML bodies and screenshots can then be gathered and consolidated into a report for easy analysis of the attack surface.
Dependencies:
+ NodeJS https://nodejs.org/
+ Ruby with RVM. https://rvm.io/
Usage:
    git clone https://github.com/michenriksen/aquatone && cd aquatone
    gem install aquatone
    cd bin
    ./aquatone-discover --domain example.com --fallback-nameservers 87.98.175.85,5.9.49.12
    ./aquatone-discover --domain example.com --sleep 5 --jitter 30
The scanning stage is where AQUATONE enumerates the discovered hosts for open TCP ports that are commonly used for web services:
    ./aquatone-scan --domain example.com
Update:
    git pull origin master
Source: https://github.com/michenriksen