Comments (16)
@attacker34 facebook developer api added, update to v1.0.4, you will see a new directory : conf
inside it you will see keys.json
add your auth token there and test :)
from finalrecon.
https://github.com/thewhiteh4t/FinalRecon#configuration
from finalrecon.
@attacker34 Wayback machine integrated in crawler
and directory search
module, pulls data from last 1 year, please update to v1.0.6
from finalrecon.
Sure, I will test fprobe and analyse the ouput quality
from finalrecon.
@chestervdb this is a nice tool, currently finalrecon only looks for urls in javascripts, api keys etc would be really nice, i dont intend to add another tool in finalrecon but i can definitely implement it 👍
from finalrecon.
Great! I will try and implement these in next update, my goal for APIs was to include ones which don't need an auth key, I can add others which require keys if they really add value to the tool
from finalrecon.
Hi @thewhiteh4t Agree with you ... Yes, these services will surely add more value to this amazing tool, adding more results... You can ask the user to add "API Keys" instead of giving it your own API Keys (as findomain or other tools are doing). This Will surely become best ever Tool with these Enhancements.
One more thing to add here.. ffuf is amazing tool.. You can just feed the subdomains list to it against word list for Directory Bruteforcing.
Thanks again !!
from finalrecon.
Yes that's a better way to implement it, please compare my implementation of directory searching with fuff, what is missing in my implementation? Also is fuff better than gobuster and lulzbuster?
from finalrecon.
Hi @thewhiteh4t I am only suggesting ffuf due to its multiple features which you can see on their documentation & its specially good when we wanna directory bruteforce "list of domains"..
On other hand, gobuster & lulzbuster can't work well with list of domains i think and they also not have multiple options to be tested against.
Sincerely,
from finalrecon.
Alright, thanks a lot, I will look into it and will do some testing too!
from finalrecon.
@attacker34 do you have pro api of spyse?
with free version we cannot get more than 100 results,
{"error":{"code":"validation_error","message":"validation error","errors":[{"code":"max","location":"limit","message":"limit must be 100 or less"}]}}
if you have pro api, can you tell me how many subdomain results you are getting for google.com
from finalrecon.
We are already getting a lot of subdomains from free sources and facebook api unlike spyse
from finalrecon.
Hi @thewhiteh4t that's great... Now, In order to get more Good results you can attach it with "fprobe" for displaying only alive links..
https://github.com/theblackturtle/fprobe
With ./waybackurls we get a ton of data which can include dead links.
./waybackurls example.com > output.txt | ./fprobe -c 200
from finalrecon.
@attacker34 thanks! That will be very useful and it's easy to implement without even using fprobe or any other tool, will update soon
from finalrecon.
Hi @thewhiteh4t Great.. But try to display the Content size of Response...
from finalrecon.
Is it possible to include a secret finder (e,g, https://github.com/m4ll0k/SecretFinder) in the tool?
from finalrecon.
Related Issues (20)
- False Output HOT 15
- "statusCode": 401, "message": "Access denied due to improperly formed hibp-api-key." } HOT 1
- restart while was running on WSL2 HOT 1
- Error on directory search
- Handle exception HOT 5
- Permission denied while starting finalrecon HOT 4
- Error with the psycopg2-binary python library. HOT 19
- Dependency checker does not recognise the psycopg2-binary package HOT 3
- Attention: Someone stole your work HOT 6
- Keeps crashing HOT 3
- Modify results directory HOT 2
- ZSH: Segmentation Fault on Kali 2022.3 HOT 4
- no api key detected while keys are added into keys.json (m1 mac) HOT 2
- Windows support
- API Keys Issue HOT 18
- Social engineering
- readme.md Usage section needs update HOT 1
- Log file not found HOT 2
- Subdomain Enumeration error HOT 2
- Error with CAA (Certification Authority Authorization) DNS Record Type HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from finalrecon.