Reviving and Refactoring DNS Enum
I have been using Lepus for a number of years as it is one of the better subdomain enumeration tools. I integrated some of the lessons learned from DNS Queue and added additional functionality to a project that had not been updated in over 2 years. So here is my forked edition with some fixes, additional features and active development to fix and add new things.
In addition to new features, I have also added the dataset from research I did in 2015 and integrated various lists to make a master subdomains.txt list.
Here's my fork of Lepus:
So what's new about this fork then?
I found version 3.3.1 on GitHub a year or two ago, but it appeared to have disappeared from the face of git; therefore, I refactored some of the code from that version and forked/published it to my clone. The main improvements are as follows:
- Added integration with Project Discovery Chaos API
- Added beginning of webhook integrations
- Updated formatting
- Updated the base list of subdomains
- Refactored some of the base code to enable compatibility with Python 3 requirements
The tool collects data from the following services:
Service | API Required | Extra Details |
---|---|---|
Censys | Yes | API Limited |
CertSpotter | No | |
CRT | No | |
DNSTrails | Yes | |
Google Transparency | No | |
HackerTarget | No | |
PassiveTotal | Yes | |
Project Discovery Chaos | Yes | Invite Only API |
Project Sonar | No | |
Riddler | Yes | |
Shodan | Yes | |
Spyse API | Yes | |
ThreatCrowd | No | |
VirusTotal | Yes | |
Wayback Machine | No | |
I have tweaked it some more to bring it up to date and support some of the newer APIs. In addition, future plans are to integrate the likes of Discord/Slack webhooks and the Telegram Bot API.
Enjoy, folks!