Building path and subdomain wordlists from Google BigQuery public datasets
TLDR
If you only need the wordlist files:
https://github.com/assetnote/commonspeak2-wordlists
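https://wordlists.assetnote.io/ (updated 2020/11)
Google BigQuery hosts many public datasets that are of some value.
These include the Alexa Top 1M data and the contents of code files on GitHub, among others. A few examples: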
1 Stories and comments from Hacker News
2 Every SSL cert in Cert Transparency Logs
3 Contents from 3M public, open source repositories on GitHub
4 HTTPArchive’s dataset obtained by crawling Alexa’s Top 1M list
5 All publicly available data from StackOverflow
Basic information
DEF CON 26 RECON VILLAGE – mgianarakis – Supercharge Your Web Recon With Commonspeak
https://www.youtube.com/watch?v=GxkuBFUfnL8
Project repository
https://github.com/assetnote/commonspeak2
Subdomain wordlists
https://github.com/assetnote/commonspeak2-wordlists/tree/master/subdomains
Usage example
./commonspeak2 --project crunchbox-160315 --credentials credentials.json --ext-wordlist -e aspx -l 100000 -o aspx.txt