Sudomy
Sudomy
Sudomy
Sudomy
Sudomy - Subdomain Enumeration & Analysis
Installation
Running in Docker
Features
How to use Engine/Resource
How to use Plugin
Extract & Collecting Path, Parameter & Endpoint
Collecting DB Port from Engine (Passive)
Resolving: Subdomains & Domains
Web Screenshots from Domain List
Getting Status Code from Domain List
Chek Live Host - Ping Sweep
Recognises Web Technologies
Detecting Live HTTP/HTTPS
Subdomain Takeover Check
Generate Report & Output
Powered by GitBook

Extract & Collecting Path, Parameter & Endpoint

Collecting Juicy URL & Scraping URL Parameter from Passive scan. Default Source Using Web Archive, CommonCrawl, UrlScan

  • Regex using DFA Engine (awk,sed)

  • Support and Collecting URL with multi Parameter to Fuzzing-

  • Removing Duplicate Parameter

There will be 3 files in output:

Passive_Collecting_URLParamter_Full.txt : This File is original collecting URL Parameter without Parsing ( Original URL & Parameter Value )

Passive_Collecting_URLParamter_Uniq.txt : This File is original collecting URL Parameter with Unique URL for Fuzzing

Passive_Collecting_JuicyURL.txt: This is a huge list of urls associated with the domain. Here we can get and extract relative paths, endpoint, url and interest strings.

cat Passive_Collecting_JuicyURL.txt | grep --colour=always -e "\.js"

Like filtering the javascript for found a sensitive data from JS Files

cat Passive_Collecting_JuicyURL.txt | grep --colour=always -e "\.pdf"

NOTE : As it fetches the parameters from WebArchive, CommonCrawl, URLscan data , so chances of false positives are high.

Previous
How to use Plugin
Next
Collecting DB Port from Engine (Passive)
Last updated 10 months ago