Nytro
Posted February 21, 2015

Knock Subdomain Scan v.3.0rc1

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist.

Usage

    knockpy [-h] [-v] [-w WORDLIST] [-r] [-z] domain

positional arguments:
    domain          specific target domain, like domain.com

optional arguments:
    -h, --help      show this help message and exit
    -v, --version   show program's version number and exit
    -w WORDLIST     specific path to wordlist file
    -r, --resolve   resolve ip or domain name
    -z, --zone      check for zone transfer

note: the ALIAS name is marked in yellow.

Example

subdomain scan with internal wordlist
    knockpy domain.com

subdomain scan with external wordlist
    knockpy domain.com -w wordlist.txt

resolve domain name and get response headers
    knockpy -r domain.com

check zone transfer for domain name
    knockpy -z domain.com

Install

from pypi (as root)
    pip install https://github.com/guelfoweb/knock/archive/knock3.zip

or manually, download zip and extract folder
    cd knock-knock3/

(as root)
    python setup.py install

note: tested with python 2.7.6 | it is recommended to use google dns (8.8.8.8 | 8.8.4.4)

Talk about

Ethical Hacking and Penetration Testing Guide Book by Rafay Baloch

Other

This tool is currently maintained by Gianni 'guelfoweb' Amato, who can be contacted at guelfoweb@gmail.com or twitter @guelfoweb. Suggestions and criticism are welcome.

Sponsored by Security Side

Source: https://github.com/guelfoweb/knock/tree/knock3
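Added example, not part of the original post or of the knock project: seen from the resolver of the zone being scanned, the wordlist scan described above shows up as one client asking for many distinct names under the zone in a short time, most of them answered NXDOMAIN. The log format, addresses, thresholds and function names below are assumptions constructed for this sketch.

```python
"""Flag clients whose DNS queries look like a wordlist subdomain scan."""
from collections import defaultdict

def parse_line(line):
    """Parse '<epoch> <client> <qname> <rcode>' (constructed log format)."""
    parts = line.split()
    if len(parts) != 4 or not parts[0].isdecimal():
        return None  # malformed lines are skipped, not fatal
    ts, client, qname, rcode = parts
    return int(ts), client, qname.lower().rstrip("."), rcode.upper()

def find_enumeration(lines, zone, window=60, min_names=8, min_nx_ratio=0.5):
    """Return {client: (distinct_names, nx_ratio)} for clients that, inside any
    `window` seconds, query >= `min_names` distinct names under `zone` and get
    NXDOMAIN for >= `min_nx_ratio` of them. Thresholds are assumed defaults."""
    suffix = "." + zone.lower().rstrip(".")
    per_client = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec[2].endswith(suffix):
            per_client[rec[1]].append(rec)
    flagged = {}
    for client, recs in per_client.items():
        recs.sort()  # order by timestamp for the sliding window
        start = 0
        for end in range(len(recs)):
            while recs[end][0] - recs[start][0] > window:
                start += 1
            # last answer seen per distinct name inside the current window
            names = {q: r for _, _, q, r in recs[start:end + 1]}
            nx = sum(r == "NXDOMAIN" for r in names.values()) / len(names)
            if len(names) >= min_names and nx >= min_nx_ratio:
                if len(names) > flagged.get(client, (0, 0.0))[0]:
                    flagged[client] = (len(names), round(nx, 2))
    return flagged

# Constructed sample: one client walking a wordlist, one ordinary client.
WORDS = ["www", "mail", "ftp", "admin", "dev", "test", "vpn", "staging", "old", "backup"]
LIVE = {"www", "mail", "vpn"}  # names that exist in the constructed zone
SAMPLE_LOG = [
    f"{1424500000 + i} 203.0.113.7 {w}.example.com "
    f"{'NOERROR' if w in LIVE else 'NXDOMAIN'}"
    for i, w in enumerate(WORDS)
] + [
    "1424500003 198.51.100.20 www.example.com NOERROR",
    "1424500030 198.51.100.20 mail.example.com NOERROR",
    "garbage line",
]

if __name__ == "__main__":
    for client, (n, nx) in find_enumeration(SAMPLE_LOG, "example.com").items():
        print(f"{client}: {n} distinct names, NXDOMAIN ratio {nx}")
```

A zone with a wildcard record answers every guessed name, so the NXDOMAIN ratio stays low there and the distinct-name count has to carry the detection on its own.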