Pentest

The osintscan pentest command performs various pentest scans to identify vulnerabilities and security issues related to DNS and network infrastructure.

Usage

osintscan pentest [command]

Available Commands

  • dns: DNS-focused penetration testing including subdomain takeover detection

Commands

DNS

Subcommands for DNS-focused penetration testing.

Takeover

Detect potential subdomain takeover vulnerabilities.

Usage

osintscan pentest dns takeover --targets https://example.com,subdomain.example.com

Help Text

Analyze the provided targets to identify DNS records that may be vulnerable to subdomain takeover attacks, using known fingerprints and heuristics.

Usage:
  osintscan pentest dns takeover [flags]

Flags:
      --fingerprints-file string   Path to the JSON file containing service fingerprints for takeover detection
  -h, --help                       help for takeover
      --successful-only            Show only confirmed successful takeovers in the results
      --target-files strings       File paths containing lists of targets to analyze for takeover vulnerabilities
      --targets strings            A list of URLs or domains to analyze for takeover vulnerabilities
      --timeout int                Timeout in seconds for each takeover check request (default 180)
      --verify-tls                 Verify TLS certificates when making HTTPS requests during takeover analysis

Global Flags:
  -o, --output string        Output format (signal, json, yaml). Default value is signal (default "signal")
  -f, --output-file string   Path to output file. If blank, will output to STDOUT
  -q, --quiet                Suppress output
  -v, --verbose              Verbose output