[open source] knockpy : Subdomain Scanner

Knockpy – Open Source Subdomain Scanner Tool

 : Python tool designed to enumerate subdomains on a target domain

 

prerequisites
$ cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

$ python --version
Python 2.7.5

$ pip -V
pip 19.1.1 from /usr/lib/python2.7/site-packages/pip (python 2.7)

----

dependencies
$ pip install dnspython

installing
$ git clone https://github.com/guelfoweb/knock.git knock_4.1.1
$ cd knock_4.1.1
$ python setup.py install

$ ./knockpy/knockpy.py -h
usage: knockpy [-h] [-v] [-w WORDLIST] [-r] [-c] [-f] [-j] domain

___________________________________________
knock subdomain scan
knockpy v.4.1.1
Author: Gianni 'guelfoweb' Amato
Github: https://github.com/guelfoweb/knock
___________________________________________

positional arguments:
  domain           target to scan, like domain.com

optional arguments:
  -h, --help       show this help message and exit
  -v, --version    show program's version number and exit
  -w WORDLIST      specific path to wordlist file
  -r, --resolve    resolve single ip or domain name
  -c, --csv        save output in csv
  -f, --csvfields  add fields name to the first row of csv output file
  -j, --json       export full report in JSON

example:
  knockpy domain.com
  knockpy domain.com -w wordlist.txt
  knockpy -r domain.com or IP
  knockpy -c domain.com
  knockpy -j domain.com

For virustotal subdomains support you can setting your API KEY in the config.json file.

$ ./knockpy/knockpy.py sangchul.kr


install knockpy

API Key : https://www.virustotal.com

$ cd knock

$ vim knockpy/config.json
{
"virustotal": ""
}

 

 

참고URL : https://manpages.debian.org/testing/knockpy/knockpy.1.en.html

'___기타' 카테고리의 다른 글

[open source] knockpy : Subdomain Scanner  (0) 2019.08.07
Let's Encrypt(certbot)  (0) 2019.06.11
[MAC] geoiplookup 명령어 설치  (0) 2018.09.07
[URL] Rackmonkey  (0) 2017.06.07
[ANSIBLE] 계정 생성 및 삭제  (0) 2017.04.25
[ANSIBLE] 일반 계정 생성  (0) 2017.04.25

[docker] docker login fails while docker-compose is installed on Ubuntu 18.04

docker login fail

$ docker login gitla.sangchul.kr:4567
Username: admin
Password:
Error saving credentials: error storing credentials - err: exit status 1, out: `Cannot autolaunch D-Bus without X11 $DISPLAY`

config.json 파일 생성
$ vim ~/.docker/config.json
{
"auths": {
"gitlab.sangchul.kr": {
"auth": "YW50aTEzNdDY6cXVzdGtkY2pm"
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/18.09.6 (linux)"
}
}

[리눅스] parallel compression

pbzip2 : Parallel implementation of bzip2

 

https://zlib.net/pigz/

: A parallel implementation of gzip for modern multi-processor, multi-core machines

 

 

$ yum install -y pbzip2

 

$ tar --use-compress-prog=pbzip2 -cf file10g-pbzip2.tar.gz file_10GB

 

$ tar --use-compress-prog=pbzip2 -xf file10g-pbzip2.tar.gz

 

 

 

pigz : Parallel implementation of gzip

 

https://launchpad.net/pbzip2

: PBZIP2 is a parallel implementation of the bzip2 block-sorting file compressor that uses pthreads and achieves near-linear speedup on SMP machines. The output of this version is fully compatible with bzip2 v1.0.2 or newer (ie: anything compressed with pbzip2 can be decompressed with bzip2). PBZIP2 should work on any system that has a pthreads compatible C++ compiler (such as gcc).

 

 

$ yum install -y pigz

 

$ tar --use-compress-prog=pigz -cf file10g-pigz.tar.gz file_10GB

 

$ tar --use-compress-prog=pigz -xf file10g-pigz.tar.gz

Let's Encrypt(certbot)

$ cat certbot.sh

docker run -it --rm --name certbot \

  -v '/etc/letsencrypt:/etc/letsencrypt' \

  -v '/var/lib/letsencrypt:/var/lib/letsencrypt' \

  certbot/certbot certonly -d '*.4wxyz.com' \

  --manual --preferred-challenges dns.

  --server https://acme-v02.api.letsencrypt.org/directory

 

$ chmod +x certbot.sh

 

$ sh certbot.sh

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator manual, Installer None

Obtaining a new certificate

Performing the following challenges:

dns-01 challenge for 4wxyz.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

NOTE: The IP of this machine will be publicly logged as having requested this

certificate. If you're running certbot in manual mode on a machine that is not

your server, please ensure you're okay with that.

 

Are you OK with your IP being logged?

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

(Y)es/(N)o: y

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Please deploy a DNS TXT record under the name

_acme-challenge.4wxyz.com with the following value:

 

UTECS7sGUjtKAMICmqn9t9owcxFgRgjy6Wwx64SAPBk

 

Before continuing, verify the record is deployed.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Press Enter to Continue

 

<=== Register txt record on dns server(/etc/resolv.conf Authoritative DNS server) ===>

 

Waiting for verification...

Cleaning up challenges

 

IMPORTANT NOTES:

 - Congratulations! Your certificate and chain have been saved at:

   /etc/letsencrypt/live/4wxyz.com/fullchain.pem

   Your key file has been saved at:

   /etc/letsencrypt/live/4wxyz.com/privkey.pem

   Your cert will expire on 2019-09-09. To obtain a new or tweaked

   version of this certificate in the future, simply run certbot

   again. To non-interactively renew *all* of your certificates, run

   "certbot renew"

 - If you like Certbot, please consider supporting our work by:

 

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate

   Donating to EFF:                    https://eff.org/donate-le

 

$ ls -l /etc/letsencrypt/live/4wxyz.com/*

lrwxrwxrwx 1 root root  33 Jun 11 14:14 /etc/letsencrypt/live/4wxyz.com/cert.pem -> ../../archive/4wxyz.com/cert1.pem

lrwxrwxrwx 1 root root  34 Jun 11 14:14 /etc/letsencrypt/live/4wxyz.com/chain.pem -> ../../archive/4wxyz.com/chain1.pem

lrwxrwxrwx 1 root root  38 Jun 11 14:14 /etc/letsencrypt/live/4wxyz.com/fullchain.pem -> ../../archive/4wxyz.com/fullchain1.pem

lrwxrwxrwx 1 root root  36 Jun 11 14:14 /etc/letsencrypt/live/4wxyz.com/privkey.pem -> ../../archive/4wxyz.com/privkey1.pem

-rw-r--r-- 1 root root 692 Jun 11 14:14 /etc/letsencrypt/live/4wxyz.com/README

 

 

$ sh certbot_renew.sh

docker run -it --rm --name certbot \

  -v '/etc/letsencrypt:/etc/letsencrypt' \

  -v '/var/lib/letsencrypt:/var/lib/letsencrypt' \

  certbot/certbot --renew-by-default certonly -d '*.4wxyz.com' \

  --manual --preferred-challenges dns \

  --server https://acme-v02.api.letsencrypt.org/directory

 

$ chmod +x certbot_renew.sh

 

$ sh certbot_renew.sh

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator manual, Installer None

Renewing an existing certificate

 

IMPORTANT NOTES:

 - Congratulations! Your certificate and chain have been saved at:

   /etc/letsencrypt/live/4wxyz.com/fullchain.pem

   Your key file has been saved at:

   /etc/letsencrypt/live/4wxyz.com/privkey.pem

   Your cert will expire on 2019-09-09. To obtain a new or tweaked

   version of this certificate in the future, simply run certbot

   again. To non-interactively renew *all* of your certificates, run

   "certbot renew"

 - If you like Certbot, please consider supporting our work by:

 

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate

   Donating to EFF:                    https://eff.org/donate-le

 

$ crontab -l

### domain renew

00 10 1-7 * *   [ "`date '+\%a'`" == Mon ] && /bin/bash /app/letsencrypt/certbot_renew.sh > /dev/null 2>&1

'___기타' 카테고리의 다른 글

[open source] knockpy : Subdomain Scanner  (0) 2019.08.07
Let's Encrypt(certbot)  (0) 2019.06.11
[MAC] geoiplookup 명령어 설치  (0) 2018.09.07
[URL] Rackmonkey  (0) 2017.06.07
[ANSIBLE] 계정 생성 및 삭제  (0) 2017.04.25
[ANSIBLE] 일반 계정 생성  (0) 2017.04.25

[사이트 URL] io 드로잉

draw.io


https://www.draw.io/

'___사이트URL' 카테고리의 다른 글

[사이트 URL] io 드로잉  (0) 2018.11.15
[사이트 URL] 조회 사이트  (0) 2018.11.12
[URL] patorjk.com  (0) 2018.10.23
[URL] Text to ASCII Art Generator  (0) 2018.10.23
[URL] Easy Bash PS1 Generator  (0) 2018.10.23
[URL] HeidiSQL  (0) 2018.08.13
◀ PREV 1234···131 NEXT ▶