DomainDouche | OSINT Tool to Abuse SecurityTrails Domain Suggestion API To Find Potentially Related Domains By Keyword And Brute Force

Abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.

Use it while it still works :upside_down_face:

(Also, hmu on Mastodon: @[email protected])

Demo:

Usage:

usage: domaindouche.py [-h] [-n N] -c COOKIE -a USER_AGENT [-w NUM] [-o OUTFILE] keyword

Abuses SecurityTrails API to find related domains by keyword.
Go to https://securitytrails.com/dns-trails, solve any CAPTCHA you might encounter,
copy the raw value of your Cookie and User-Agent headers and use them with the -c and -a arguments.

positional arguments:
  keyword               keyword to append brute force string to

options:
  -h, --help            show this help message and exit
  -n N, --num N         number of characters to brute force (default: 2)
  -c COOKIE, --cookie COOKIE
                        raw cookie string
  -a USER_AGENT, --useragent USER_AGENT
                        user-agent string (must match the browser where the cookies are from)
  -w NUM, --workers NUM
                        number of workers (default: 5)
  -o OUTFILE, --output OUTFILE
                        output file path

GitHub:

1 Like