• Stars
    star
    652
  • Rank 69,062 (Top 2 %)
  • Language
    Java
  • License
    MIT License
  • Created over 7 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

Open Source LoveMIT Licence

#更强大的版本请看 https://github.com/bit4woo/domain_hunter_pro 该版本后续可能会较少更新了。

A more powerful version, please see https://github.com/bit4woo/domain_hunter_pro , this one perhaps will not be updated.

author

bit4woo

domain_hunter

A Burp Suite extender that try to find sub-domains,similar domains and related domains of an organization automatically, not only domain. Some times similar domain and related domains give you surprise^_^. that's why I care about it.

video(视频教程)

https://www.bilibili.com/video/BV1Jt4y1U7YG/

usage

  1. download this burp extender from here.
  2. add it to burp suite. you will see a new tab named “Domain Hunter”, if no error encountered.
  3. visit your target website(or App) with burp proxy enabled, ensure burp recorded http or https traffic of your target.
  4. you can just switch to the "domain hunter" tab, input the domain that you want to search and click "Search" button.
  5. or you can run "Crawl" firstly to try to find more sub-domains and similar domains.

usage

screenshot

domain-hunter-v1.1

change log

2017-07-28: Add a function to crawl all known subdomains; fix some bug.

2018-07-06: Add the ability to get related domains by get SANs object of certification.

2018-08-03: Use thread to speed up get related-domains.

2018-09-18: Optimize some steps to reduce memory usage.

2018-09-19: Update getSANs() method to void get domains of CDN provider.

2018-09-20: Update logic of getting possible https URLs that may contain related-domains

2018-09-21: Update logic of "includeInScope" and "sendToSpider" to reduces UI action time

2018-09-29: Add Upload function to support upload result to your site or system

2018-10-30: Big Change: try to find sub-domains, similar domains , related domains of an organization(enterprise), not only a domain.

2018-11-01: Add "Add to domain hunter" menu in site map tree.

2019-07-06: Use multiple thread to improve search speed. Use regex to find more domain in every response.

xmind of domain collection

xmind

Burp插件微信交流群

wechat_group

More Repositories

1

domain_hunter_pro

domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
Java
1,421
star
2

knife

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Java
1,175
star
3

teemo

A Domain Name & Email Address Collection Tool
Python
932
star
4

Fiora

Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。
Java
890
star
5

Summit_PPT

各种安全大会PPT PDF
Ruby
886
star
6

reCAPTCHA

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Java
749
star
7

burp-api-drops

burp插件开发指南
Java
511
star
8

passmaker

可以自定义规则的密码字典生成器,支持图形界面 A password-generator that base on the rules that you specified
Python
482
star
9

code2sec.com

xmind\code\articles for my personal blog 个人博客上的资源备份存储,也是个人分享的汇总
Python
205
star
10

u2c

Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
Java
165
star
11

Java_deserialize_vuln_lab

Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
Java
83
star
12

ReSign

A burp extender that recalculate signature value automatically after you modified request parameter value.
Java
60
star
13

burp_collaborator_http_api

Burp Suite Collaborator HTTP API
Java
46
star
14

burp-api-common

common methods that used by my burp extension projects
Java
42
star
15

secqa

解答开发关于安全漏洞的常见问题
41
star
16

GUI_Burp_Extender_para_encrypter

Burp_Extender_para_encrypter
Java
40
star
17

Burp_Extender_random_X-Forward-For

a Burp Extender that add an random X-Forward-For IP address for each request
Java
32
star
18

CVE-2020-13925

16
star
19

ShowMeData

数据提取和处理工具
Java
9
star
20

log4jScan

Java
7
star
21

2redis

save burp traffic to redis 将burp的流量保存到redis
Java
7
star
22

theHarvester

theHarvester that change from https://github.com/laramies/theHarvester. add proxy option to cross GFW
Python
7
star
23

Ashe

Add Scan Task To WVS
Python
6
star
24

IdentityCardNumberBruter

To Find Possibe ID Card Number
Python
5
star
25

HTTP_Basic_Auth_Bruter

HTTP Basic Auth Bruter
Python
4
star
26

Burp_Extender_sign_recalculater_python

To Recalculate sign in http request
Python
3
star
27

utilbox

python 常用 函数
Python
2
star
28

bit4woo

2
star
29

LoadFromXmind

To Load Github Scripts From Xmind Index
Python
1
star