Bypass access host with port filtred!
- Enumerate target subdomains
- Choose a target URL
- Run vhospping using subdomains instead of wordlists:
▶ python3 vhospping.py -u https://example.com -s subdomains.txt -o output.txt
- Choose a target URL
- Run vhospping using wordlists:
▶ python3 vhospping.py -u https://example.com -w db/wordlist.txt -o output.txt
▶ git clone https://github.com/phor3nsic/vhospping.git
▶ python3 vhospping.py -h
usage: vhospping.py [-h] [-u URL] [-uL URLLIST] [-d DOMAIN] [-w WORDLIST] [-s SUBDOMAINSLIST] [-p PROXY] -o OUTPUT
optional arguments:
-h, --help show this help message and exit
-u URL, --url URL Url
-uL URLLIST, --urlList URLLIST
Url list mode
-d DOMAIN, --domain DOMAIN
Force domain for header
-w WORDLIST, --wordlist WORDLIST
Wordlist for hosts
-s SUBDOMAINSLIST, --subdomainsList SUBDOMAINSLIST
Use subdomains for brute force
-p PROXY, --proxy PROXY
Proxy url for debug Ex: http://127.0.0.1:8080
-o OUTPUT, --output OUTPUT
Output for save
https://mobile.twitter.com/Bugcrowd/status/1372034980164014082/photo/1
fuzz
proxy_pass
vhost hopping