home.social

#subfinder — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #subfinder, aggregated by home.social.

  1. 🎯 Threat Intelligence
    ======================

    🛠️ Tool

    Executive summary: A curated catalog of 100 n8n workflow ideas
    targeting Red Team, Blue Team (SOC/DFIR/TI), AppSec/DevSecOps and
    general platform security. Each entry maps a specific objective to
    integrations and a node-level flow outline suitable for direct
    implementation in n8n.

    Technical scope and components: The collection spans reconnaissance
    (subfinder, amass, DNSDB), active scanning (nmap, naabu, masscan),
    telemetry enrichment (Shodan, Censys, GeoIP, AbuseIPDB), offensive
    tooling orchestration (GoPhish, custom IdP for lab credential sprays),
    artifact lifecycle (S3/TimescaleDB/PostgreSQL), and C2/event
    forwarding (CS/Havoc/Sliver webhooks). Flows consistently use common
    n8n primitives: Cron/Webhook triggers, Exec/HTTP request nodes,
    IF/Switch logic, database upserts, and batching/merge nodes for scale.

    Implementation considerations: Several ideas assume controlled lab
    environments (credential spraying, EDR evasion tests, malicious macro
    builders). The patterns emphasize separation of concerns:
    scanning/extraction → enrichment → dedupe/persistence → alerting/issue
    creation. Integrations call for credential handling via secret stores
    and rate-limiting (delay/wait nodes) to avoid false positives and
    service throttling.

    Detection and defensive value: For Blue Team use-cases, flows include
    automated ingestion of C2 events, decoy link tracking with GeoIP and
    reputation scoring, exfiltration simulation to cloud storage for DLP
    tuning, and continuous attack-surface change detection that creates
    tickets for new/changed hosts or open ports. These provide repeatable
    pipelines for measurement and tuning of SOC detections.

    Operational risks and guardrails: Several recipes are explicitly
    offensive and must remain confined to testbeds. Logging and artifact
    management recommendations include hashing artifacts at ingest,
    storing evidence in immutable buckets, and tagging DB records with
    provenance to support IR workflows.

    Concluding assessment: This collection is a practical playbook for
    security teams seeking to automate repetitive reconnaissance, testing
    and monitoring tasks using n8n. It lowers implementation friction by
    providing ready-to-adapt node sequences and integration patterns.

    🔹 n8n #automation #subfinder #gophish #bookmark

    🔗 Source: github.com/CyberSecurityUP/n8n

  2. Simple Script for Finding Cross
    Site Scripting (XSS) vulns

    #!/bin/bash

    subfinder -d $1 -o domains_subfinder_$1
    amass enum --passive -d $1 -o domains_$1

    cat domains_subfinder_$1 | tee -a domain_$1
    cat domains_$1 | filter-resolved | tee -a domains_$1.txt

    cat domains_$1.txt | httprobe -p http:81 -p http:8080 -p https:8443 | waybackurls | kxss | tee xss.txt

    github.com/projectdiscovery/su
    github.com/OWASP/Amass
    github.com/tomnomnom/hacks/tre
    github.com/tomnomnom/httprobe
    github.com/tomnomnom/waybackur
    github.com/tomnomnom/hacks/tre

    #bugbounty #bugbountytips #xss #subfinder #httprobe #waybackurls #kxss #amass

  3. Hunting for *interesting* domains

    subfinder -d site.com -all | dnsprobe -silent | cut -d ' ' -f1 | grep --color 'dmz\|api\|staging\|env\|v1\|stag\|prod\|dev\|stg\|test\|demo\|pre\|admin\|beta\|vpn\|cdn\|coll\|sandbox\|qa\|intra\|extra\|s3\|external\|back'

    github.com/projectdiscovery/su
    github.com/projectdiscovery/dn

    #bugbounty #bugbountytips #subfinder #dnsprobe