What is Knockpy
Knockpy is a very useful full tool by using this tool we can find subdomain takeover vulnerability and at the same time, this tool gives information about the domain and subdomain’s IP address and server.
How To Install
Open your terminal in kali Linux and enter these commands
git clone https://github.com/guelfoweb/knock.git
cd knock
pip3 install -r requirements.txt
python3 knockpy.py domain.com
Here Is some example of this tool
usage: knockpy [-h] [-v] [--no-local] [--no-remote] [--no-http] [--no-http-code CODE [CODE ...]] [--dns DNS] [-w WORDLIST] [-o FOLDER] [-t SEC] [-th NUM] domain
--------------------------------------------------------------------------------
* SCAN
full scan: knockpy domain.com
ignore code: knockpy domain.com --no-http-code 404 500 530
threads: knockpy domain.com -th 50
timeout: knockpy domain.com -t 2
* REPORT
show report: knockpy --report knockpy_report/domain.com_yyyy_mm_dd_hh_mm_ss.json
plot report: knockpy --plot knockpy_report/domain.com_yyyy_mm_dd_hh_mm_ss.json
csv report: knockpy --csv knockpy_report/domain.com_yyyy_mm_dd_hh_mm_ss.json
* SETTINGS
set apikey: knockpy --set apikey-virustotal=APIKEY
set timeout: knockpy --set timeout=sec
set threads: knockpy --set threads=num
--------------------------------------------------------------------------------
positional arguments:
domain target to scan
options:
-h, --help show this help message and exit
-v, --version show program's version number and exit
--no-local local wordlist ignore
--no-remote remote wordlist ignore
--no-http http requests ignore
--no-http-code CODE [CODE ...]
http code list to ignore
--dns DNS use custom DNS ex. 8.8.8.8
-w WORDLIST wordlist file to import
-o FOLDER report folder to store json results
-t SEC timeout in seconds
-th NUM threads num