domainim: A fast and comprehensive tool for organizational network scanning

domainim

Domainim is a Blazing fast domain reconnaissance tool for bounty hunters written in Nim.

Features

• Virtual hostname enumeration
• Reverse DNS lookup
• Subdomains as input
• Verbose output
• TCP port scanning with full user control
• Subdomain enumeration (2 engines)
• Resolving A records (IPv4)
• Progress tracking
• TCP port scanning
• Update verbose output when encountering errors (v0.2.0)
• Show progress bar for longer operations

Usage

• <domain> is the domain to be enumerated. It can be a subdomain as well.
• <ports> is a string speicification of the ports to be scanned. It can be one of the following-
  • all – Scan all ports (1-65535)
  • none – Skip port scanning
  • t<n> – Scan top n ports (same as nmap). i.e. t100 scans top 100 ports. Max value is 5000. If n is greater than 5000, it will be set to 5000.
  • single value – Scan a single port. i.e. 80 scans port 80
  • range value – Scan a range of ports. i.e. 80-100 scans ports 80 to 100
  • comma separated values – Scan multiple ports. i.e. 80,443,8080 scans ports 80, 443 and 8080
  • combination – Scan a combination of the above. i.e. 80,443,8080-8090,t500 scans ports 80, 443, 8080 to 8090 and top 500 ports

Examples

• ./domainim nmap.org –ports=all
• ./domainim google.com –ports=none
• ./domainim pptx704.com –ports=t100
• ./domainim mysite.com –ports=t50,5432,7000-9000

Install

Copyright (c) 2023 pptx704