DomainDouche
DomainDouche copied to clipboard
OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.
DomainDouche
Abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.
Use it while it still works 🙃 (aaaand it's dead)
(Also, hmu on Mastodon: @[email protected])
Demo:
Usage:
usage: domaindouche.py [-h] [-n N] -c COOKIE -a USER_AGENT [-w NUM] [-o OUTFILE] keyword
Abuses SecurityTrails API to find related domains by keyword.
Go to https://securitytrails.com/dns-trails, solve any CAPTCHA you might encounter,
copy the raw value of your Cookie and User-Agent headers and use them with the -c and -a arguments.
positional arguments:
keyword keyword to append brute force string to
options:
-h, --help show this help message and exit
-n N, --num N number of characters to brute force (default: 2)
-c COOKIE, --cookie COOKIE
raw cookie string
-a USER_AGENT, --useragent USER_AGENT
user-agent string (must match the browser where the cookies are from)
-w NUM, --workers NUM
number of workers (default: 5)
-o OUTFILE, --output OUTFILE
output file path