public

Reviving and Refactoring DNS Enum

I have been using Lepus for a number of years as it is one of the better subdomain enumeration tools. I integrated some of the lessons learned from DNS Queue

20 days ago

Latest Post Old but Gold - Attack and Defend the Sys Admins by Andy Gill public

I have been using Lepus for a number of years as it is one of the better subdomain enumeration tools. I integrated some of the lessons learned from DNS Queue and added additional functionality to a project that had not been updated in over 2 years. So here is my forked edition with some fixes, additional features and active development to fix and add new things.

In addition to new features, I have also added the dataset from research I did in 2015 and integrated various lists to make a master subdomains.txt list.

Here's my fork of Lepus:

ZephrFish/Lepus3
Subdomain finder with various API integrations. Contribute to ZephrFish/Lepus3 development by creating an account on GitHub.

So what's new about this fork then?

I found version 3.3.1 on GitHub a year or two ago but it appeared to have disappeared from the face of git, therefore I refactored some of the code from that version and forked/published it to my clone. The main improvements are as follows:

The tool collects data from the following services:

Service API Required Extra Details
Censys Yes API Limited
CertSpotter No
CRT No
DNSTrails Yes
Google Transparency No
HackerTarget No
PassiveTotal Yes
Project Discovery Chaos Yes Invite Only API
Project Sonar No
Riddler Yes
Shodan Yes
Spyse API Yes
ThreatCrowd No
VirusTotal Yes
Wayback Machine No

I have tweaked it some more to bring it up to date and support some of the newer APIs, in addition future plans are to integrate the likes of Discord/Slack webhooks and Telegram Bot API.

Enjoy Folks!

Andy Gill

Published 20 days ago