Introduction
To introduce the tool, here is the project's official description:
Information collection is self-evidently important in penetration testing, and subdomain collection is an essential and very important part of it. Many open-source subdomain collection tools are available on the Internet, but they tend to share some of the following problems:
- Not powerful enough: there are not enough interfaces for subdomain collection, subdomains cannot be collected automatically in batches, and functions such as automatic subdomain analysis, verification, fuzzing, and information expansion are missing.
- Not friendly enough: a command-line module is convenient, but when there are many optional parameters and the operation to perform is complicated, command-line mode is not friendly enough. A front end with good interaction and high operability would make the user experience much better.
- Lack of maintenance: many tools have not been updated once in several years, and issues and PRs might as well not exist.
- Efficiency issues: without multi-process, multi-thread, and asynchronous coroutine technology, the speed is slow.
This project was born to solve the above pain points. As the name suggests, I hope that OneForAll will be a comprehensive and powerful ultimate tool for complete and fast subdomain collection.
GitHub address: https://github.com/shmilylty/OneForAll
More detailed usage can be found in the project's official documentation.
Install
Installation requirements
OneForAll is developed and tested on Python 3.6.0 and needs a version higher than Python 3.6.0 to run.
Make sure your environment meets the requirements:
Installation process
There are two ways to install: with git or with Docker.
You can choose either. The following demonstrates the git installation method.
First clone the source code to any directory:
git clone https://github.com/shmilylty/OneForAll.git
or:
git clone https://gitee.com/shmilylty/OneForAll.git
Then install:
First install OneForAll's dependencies through pip3: enter the root directory of OneForAll, run cmd as an administrator, and execute the following commands in sequence:
python3 -m pip install -U pip setuptools wheel -i https://mirrors.aliyun.com/pypi/simple/
pip3 install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
python3 oneforall.py --help
The results appear:
Project update
git stash # stash local changes
git fetch --all # fetch project updates
git pull # download and overwrite
git stash pop # restore local changes
Usage
NAME
oneforall.py - OneForAll帮助信息
SYNOPSIS
oneforall.py COMMAND | --target=TARGET <flags>
DESCRIPTION
OneForAll是一款功能强大的子域收集工具
Example:
python3 oneforall.py version
python3 oneforall.py --target example.com run
python3 oneforall.py --targets ./domains.txt run
python3 oneforall.py --target example.com --valid None run
python3 oneforall.py --target example.com --brute True run
python3 oneforall.py --target example.com --port small run
python3 oneforall.py --target example.com --fmt csv run
python3 oneforall.py --target example.com --dns False run
python3 oneforall.py --target example.com --req False run
python3 oneforall.py --target example.com --takeover False run
python3 oneforall.py --target example.com --show True run
Note:
参数alive可选值True,False分别表示导出存活,全部子域结果
参数port可选值有'default', 'small', 'large', 详见config.py配置
参数fmt可选格式有 'csv','json'
参数path默认None使用OneForAll结果目录生成路径
ARGUMENTS
TARGET
单个域名(二选一必需参数)
TARGETS
每行一个域名的文件路径(二选一必需参数)
FLAGS
--brute=BRUTE
s
--dns=DNS
DNS解析子域(默认True)
--req=REQ
HTTP请求子域(默认True)
--port=PORT
请求验证子域的端口范围(默认只探测80端口)
--valid=VALID
只导出存活的子域结果(默认False)
--fmt=FMT
结果保存格式(默认csv)
--path=PATH
结果保存路径(默认None)
--takeover=TAKEOVER
检查子域接管(默认False)
Example
For more detailed parameters, see the configuration file config/setting.py, where they can be viewed and changed.
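An added example, not part of OneForAll or of the original article: a pre-flight check for the file passed to --targets (one domain per line, as the help text above describes) that keeps only syntactically valid domains inside an authorized scope before any collection is run. The function names, the scope set and the sample lines are assumptions constructed for illustration, and combining --targets with --fmt in one call is also an assumption.

```python
import re

# One DNS label: letters, digits, hyphen; no leading/trailing hyphen; 1-63 chars.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def normalize_domain(line):
    """Return the lower-cased bare domain on this line, or None if it is not one."""
    name = line.strip().lower().rstrip(".")
    labels = name.split(".")
    if len(name) > 253 or len(labels) < 2 or labels[-1].isdigit():
        return None  # too long, single label, or an IPv4 address
    return name if all(_LABEL.fullmatch(label) for label in labels) else None

def in_scope(domain, scope):
    """True when domain is an authorized root or a subdomain of one."""
    return any(domain == root or domain.endswith("." + root) for root in scope)

def build_targets(lines, scope):
    """Split raw lines into (accepted, rejected); de-duplicated, order kept."""
    accepted, rejected = [], []
    for raw in lines:
        entry = raw.strip()
        if not entry or entry.startswith("#"):
            continue  # blank line or comment
        domain = normalize_domain(entry)
        if domain is None or not in_scope(domain, scope):
            rejected.append(entry)  # URL, wildcard, IP, or out of scope
        elif domain not in accepted:
            accepted.append(domain)
    return accepted, rejected

def oneforall_argv(targets_file, fmt="csv"):
    """argv for the batch form shown on this page (flags taken from the page)."""
    return ["python3", "oneforall.py", "--targets", targets_file, "--fmt", fmt, "run"]

# Constructed sample input and scope (hypothetical, for illustration only).
SAMPLE_LINES = ["Example.com", "https://example.com/login", "example.org",
                "*.example.com", "192.0.2.10", "example.com.", "shop.example.com", ""]
AUTHORIZED_SCOPE = {"example.com"}

if __name__ == "__main__":
    ok, bad = build_targets(SAMPLE_LINES, AUTHORIZED_SCOPE)
    with open("domains.txt", "w", encoding="utf-8") as fh:
        fh.write("\n".join(ok) + "\n")  # one domain per line
    print("rejected:", bad)
    print(" ".join(oneforall_argv("./domains.txt")))
```

Review the rejected list before running the printed command; entries end up there either because they are not bare domain names or because they fall outside the authorized roots.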