- New subdomain takeover for Zammad.com
- New --front option to identify frontable domains
- Enrich submodule: Permutating subdomains based on previously identified strings
- Regulator submodule: Identify new subdomains with regular language ranking
- GPT submodule: Use ChatGPT to identify more potential subdomains
- Expand submodule: expand already identified domains from a level downwards
- Added optional API key support for CertSpotter since they are now SSLMate
- Added optional API key support for HackerTarget
- New Digitorus collector
- New Qianxin Hunter collector
- New Redhunt Labs collector
- New Columbus Elmasy collector
- Added a "hide findings" flag to suppress findings from being printed to the console
- Added certain new wordlists for different cases
- Fixed a bug in PassiveTotal collector in order to discard trash when there is a wildcard
- Fixed a bug in Shodan collector to handle "no results"
- Fixed Censys collector to handle API v2
- Fixed WebScout collector to handle their new API
- Fixed ZoomEye collector to handle their new API
- Applied a filter to remove already known subdomains from Permutations and Enrich
- Applied a fix on how certain types of results are written to file
- Fixes in the signatures of several takeovers
- Updated wordlists
- Marked certain collectors for potential deprecation
- Small change in how Markov chunks are generated
- Bumped wildcard genetion chunk size to 100k from 10k
- Revamped takeover submodule to work with templates
- Added several more collectors
- Made the import of the collector submodules more dynamic
- Fixed several collectors that had issues with their APIs
- Removed certain collectors that had become obsolete/deprecated
- Added Markov submodule
- Added RIPE database lookup for CIDRs to be used in reverse lookup
- Added --flush flag to purge an entry from the database and exit
- Signature for kayako takeover
- Signature for ning takeover
- Signature for moosend takeover
- Added export functionality when ctrl+c is pressed up to the latest completed module - does not create diff.
- New Project Discovery Chaos collector
- New ZoomEye collector
- New ThreatMiner collector
- New FOFA collector
- Fixed bugs in Censys collector so that search result limit is identified and identification is better
- Fixed logical bug in portscan that caused very long duration of execution
- Removed Entrust Certificates collector as it's no longer being used
- Better exception handling in some minor cases
- Fixed a bug in CertSpotter collector's result identification
- Fixed a bug in DNSTrails collector's result identification
- Fixed a bug in GoogleTransparency collector's response parsing
- Fixed logic bugs in Shodan collector
- Fixed a bug in ProjectCrobat collector
- Changed database name from findings.sqlite to lepusdb.sqlite
- Minor cosmetic fixes in output
- Updated user-agent strings
- Changed README file
- Updated requirements.txt
- Added Project Crobat collector
- Added export of wildcards
- Fixed a bug on the CRT collector
- Fixed a bug that was unintentionally purging the retrieved DNS records of the target domain
- Updated requirements.txt
- Updated Spyse collector
- Removed broken Entrust Certificates collector
- Added history on diff log
- Fixed a bug on the Slack messaging mechanism
- Updated requirements.txt
- Added various new signatures for takeover identification
- Added the ability to have more than one signature per service
- Added new permutation function for numeric iteration
- Fixed the Spyse collector so that it's working due to changes in the API
- Changed handling of permutations so now they happen in chunks
- Changed handling of wildcard identification to use chunks
- Memory handling is a lot better
- Updated README.md
- Display location information on networks identified by the RDAP submodule
- Diff between runs against the same domain
- Various enhancements on export functionality
- Updated README.md
- Updated requirements.txt
- Slack notifications on new potential takeovers
- Export of findings
- Fixed a logic bug on the handling of old findings
- Database improvements
- Removed DNSDB collector
- Updated README.md
- Updated requirements.txt
- SQLite integration
- IPv6 support
- Memory management improvements
- Spyse API collector
- Fixed an issue on the wildcard identification logic
- Fixed a logic bug on the CertSpotter collector
- Updated README.md
- Updated requirements.txt
- Updated .gitignore
- Added new takeover signatures
- Added various records to the words.txt list used for permutations
- Removed FindSubdomains collector
- Added Takeover module
- Implemented chunking in places were it wasn't present but might be needed
- Progress bars now appear on the same line as different chunks are processed
- Added ports 9943 and 9980 in the "huge" preset for the portscan module
- Fix in Censys collector regarding pagination and false positives
- Fix in DNSDB collector - error handling to account for cloudflare changes
- Fix in Riddler collector - error handling when 500 internal server error occurs
- Fix in DNSTrails collector - error handling when api search limit has been exceeded
- Fix in CRT collector - account for 504 server response when the query times out
- Fix a bug during wildcard identification that didn't allow for threads to finish properly
- Updated README.md for Portscan and Takeover
- Updated requirements.txt to account for new cloudflare bypass
- Portscan module - slight change due to my OCDs
- Updated wordlists
- Added generic exception handling on all collectors in case something odd happens
- Added Project Sonar collector
- Re-implemented DNSDB collector with CF Anti-DDOS bypass
- URLs generated from the Port Scan module are now also printed on the console
- Fixed a bug on Port Scan module where URLs were not generated correctly
- Updated requirements.txt
- Updated README.md
- Support for Python 3
- Exception handling on CRT.sh collector
- Added BSD-3 Clause LICENSE
- Added CHANGELOG.md
- Updated README.md
- Updated requirements.txt
- Removed DNSDB collector
- Removed DNSDumpster collector
- Historic diff logs
- Double allocations in permutations
- Minor tweak on permutations
- Updated requirements.txt
- New subdomain wordlist
- Replaced ASN and WHOIS modules with a single module that performs RDAP lookups
- Added diff checks on wildcard identification
- Moved diff check with old findings before the execution of RDAP module
- Changed some output in order to be consistent across all modules
- Updated README.md
- Improved exception handling for Riddler collector
- Redesigned the wildcard identification to catch true negatives that were missed
- Added .gitignore
- Improved exception handling
- Fixed a bug on argument validity checks
- Fixed a bug on wildcard identification
- Updated requirements.txt
- Updated README.md
- Added zone transfer capability
- Added reverse lookups on IP ranges (-r, --ranges)
- Added validity checks on provided arguments
- Added chunk support on reverse lookups
- Added chunk support on port scan
- Fixed a bug on wildcard checks
- Fixed a bug on diff checks with old results
- Utilities code redesign
- Updated README.md
- Entrust Certificates collector
- CertSpotter collector
- SSL identification on portscan & url generation
- Reverse DNS submodule
- Diff on resolved domains from previous run
- Rewrite of the wildcard identification mechanism
- Exception handling on Censys collector
- Convert to lowercase and unique after final list is merged
- ASN and WHOIS checks are only performed on public resolved IPs
- Updated requirements.txt
- Updated README.md
- Removed --show-wildcards option
- Small additions to permutation wordlist
- Added top ~100k subdomains list under lists/
- Added functionality to save results from collectors
- Now saving project folders under results/
- Showing total parts while progress-bar is loading