Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/janniskirschner/horn3t

Powerful Visual Subdomain Enumeration at the Click of a Mouse
https://github.com/janniskirschner/horn3t

enumeration penetration-testing pentesting security-audit security-tools selenium selenium-webdriver subdomain-bruteforcing subdomain-enumeration subdomain-scanner subdomain-takeover subdomainsbrute sublist3r websecurity

Last synced: 4 months ago
JSON representation

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Host: GitHub
URL: https://github.com/janniskirschner/horn3t
Owner: JannisKirschner
License: gpl-2.0
Created: 2019-05-09T21:51:11.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2019-06-06T09:24:24.000Z (over 5 years ago)
Last Synced: 2024-09-29T02:05:42.396Z (4 months ago)
Topics: enumeration, penetration-testing, pentesting, security-audit, security-tools, selenium, selenium-webdriver, subdomain-bruteforcing, subdomain-enumeration, subdomain-scanner, subdomain-takeover, subdomainsbrute, sublist3r, websecurity
Language: Python
Size: 14.1 MB
Stars: 137
Watchers: 8
Forks: 30
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Horn3t 🐝 - Better Subdomain Reconnaissance

- **Recon** your targets at blazing speed
- **Enhance** your productivity by focusing on interesting *looking* sites
- **Enumerate** critical sites immediately
- **Sting** your target

Horn3t is your Nr #1 tool for exploring subdomains visually.
Building on the great Sublist3r framework (or extensible with your favorite one) it searches for subdomains and generates awesome picture previews. Get a fast overview of your target with http status codes, add custom found subdomains and directly access found urls with one click.

demo preview

# Installation
- Install Google Chrome
- Install requirements.txt with pip3
- Install requirements.txt of sublist3r with pip3
- Put the directory within the web server of your choice
- Make sure to have the right permissions
- Run horn3t.py

Or alternatively use the [install.sh](install.sh) file with docker.
Afterwards you can access the web portal under [http://localhost:1337](http://localhost:1337)

# Todo
- Better Scaling on Firefox
- Add Windows Dockerfile
- Direkt Nmap Support per click on a subdomain
- Direkt Dirb Support per click on a subdomain
- Generate PDF Reports of found subdomains
- Assist with subdomain takeover

## License

Horn3t is licensed under the GNU GPL license. take a look at the [LICENSE](https://github.com/JannisKirschner/Horn3t/blob/master/LICENSE) for more information.

Respect legal restrictions and only conduct testing against infrastructure that you have permission to target.

## Credits

* [aboul3la](https://github.com/aboul3la/sublist3r) - The creator of **Sublist3r**; turbolist3r adds some features but is otherwise a near clone of sublist3r.
* [TheRook](https://github.com/TheRook/) - The bruteforce module was based on his script **subbrute**.
* [bitquark](https://github.com/bitquark) - The Subbrute's wordlist was based on his research **dnspop**.

**Tested on Windows 10 and Debian with Google Chrome/Chromium 73**