Replies: 2 comments
-
|
@blacklist-arcc, thanks for sharing the idea, unfortunately, this does not go well with the number of queries you will make with this approach, for example, a single target can contain XXXX number of IP after resolving that needs to be searched, instead, APIs like https://internetdb.shodan.io is more suitable for the described use case. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for taking the time to discuss this. Is it realistic to implement this kind of queries in the tool uncover? On the other hand it should not be a problem to implement this in a oneliner without a tool either. Maybe direct usage of nrich is the right approach for this... |
Beta Was this translation helpful? Give feedback.
-
It would be nice to have a list of ip addresses as input instead of queries in order to quickly identify open ports on specific targets from various engines instead of a port scan running by naabu for example. Maybe there is an option already using a specific search string e.g. ip:1.1.1.1
In this case a command line parameter "prepend" may be a smooth solution in order to prepend a specific string to every line that comes from std in order to get a pipeline like:
subfinder -d TARGET | dnsx -resp-only -a | uncover | httpx | nuclei -t cve
Hopefully I have not overseeing something :)
Cheers.
Beta Was this translation helpful? Give feedback.
All reactions