Aquatone is a good tool to discover domains, ports, service and more. You can install https://github.com/michenriksen/aquatone and start to use it. Outside there are a lot of the same tool but this one is very popular and effective.
This will look for the domain’s
hosts.json file in the
aquatone directory. Aquatone by default has four inbuilt port scanning flags (small, medium, large, and huge). These flags will decide the number of ports being scanned on the hosts, or we can define custom ports by using the
aquatone-gather: This tool makes a connection to the web services found using the discover and scanner modules of aquatone and takes screenshots of discovered web pages for later analysis.
aquatone-takeover: This module is used to find subdomains that are vulnerable to the subdomain takeover vulnerability.
- Previous Post