redasset

This tool allows to enumerate domains of a defined 2nd-lvl domain list by using the following methods:

Parse gzipped Rapid7 scans and filter by white- and blacklist.
Query certificate transparency logs.

Usage

Note: The rapid7 file can still be gzipped.

The following parameters may be used:

$ ./redAsset 
Usage:
  -bdomains string
    	File containing 2nd level domains to exclude.
  -catransoff
    	Deactivate querying certificate transparency logs (crt.sh).
  -domains string
    	File containing 2nd level domains to include.
  -file string
    	JSON file to parse from, gzip allowed.

Log is printed to stderr, results to stdout, so you may pipe this to a results file.

Example of a FDNS parse:

$ ./redAsset -file ~/data/20170417-fdns.json.gz -domains second_level_domains.txt -bdomains blacklist_domains.txt
2018/08/24 18:55:10 Limiting to 158 parsed domains.
2018/08/24 18:55:10 Limiting to 19 parsed blacklist domains.
0060118671.telekom-profis.de
0060177055.telekom-profis.de
[...]

Post processing

Don't forget to deduplicate:

$ cat ~/data/domains.txt | sort -u

About

Enumerate subdomains by parsing Rapid7 FDNS dumps and CA transparency logs

Languages

Language:Go 94.6%Language:Shell 5.4%