AQUATONE – Tool for Domain Flyovers

Subdomain usually the favorite target for attackers this is because they may contain a database servers, Internal servers or just a forgotten instance that is running some critical vulnerabilities. During a pentest this will be one of the first check using automated scanners such as AQUATONE.

AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, User can then scan the hosts for common web ports and HTTP headers, HTML bodies and screenshots can be gathered and consolidated into a report for easy analysis of the attack surface.

AQUATONE - Tool for Domain Flyovers

AQUATONE – Tool for Domain Flyovers

Currently the set of tools include:

  • aquaton-discover;
  • aquaton-scan;
  • aquaton-gather;
  • aquaton-takeover.

Aquatone-discover will check the domain against Wayback Machine, Netcraft, HackerTarget , shodan , VT. ThreatCrowd and many more. Certain resources require API key to run the check. After running the discovery module attacker may run the remote scanning against the targeted domain. it will be also possible to find critical vulnerabilities such as heartbleed or vulnerable SSL version in use.

You can read more about the tool over here:

Notify of
Inline Feedbacks
View all comments