Levels-deep Subdomain Enumeration

Complexity
Discover overlooked assets by enumerating subdomains, sub-subdomains, sub-sub-subdomains, ...
trickest-mhmdiaa

Inventory 3.0

Complexity
Completely Transparent Attack Surface Management designed to monitor companies for new assets and streamline the asset management through easily readable CSV files.
zaric

Mass Web Server Discovery

Complexity
Efficiently discover live web servers across a large list of hosts
trickest-mhmdiaa

Enumerate AWS SSL Certificates

Complexity
Scan AWS's IP space to enumerate SSL certificates info like CNs, SANs, and SOs., and more.
trickest-mhmdiaa

ASN Based Network Scan

Complexity
Expand ASNs to CIDR ranges and do port scan the top 1000 ports.
zaric

Resolve and port scan a list of hosts

Complexity
Resolving host names first can lead to a faster port scan and give you more visibility into your target's IP space
trickest-mhmdiaa

Find a server's origin IP address

Complexity
Search for the origin IP address of a web server by scanning a list of IP addresses as seen on https://trickest.com/blog/cloudflare-bypass-discover-ip-addresses-aws and https://trickest.com/blog/hundreds-of-ssrfs
carlospolop

Enumerate GCP web servers

Complexity
Scan GCP's IP space for http ports as seen on https://trickest.com/blog/cloudflare-bypass-discover-ip-addresses-aws and https://trickest.com/blog/hundreds-of-ssrfs
carlospolop

Enumerate AWS web servers

Complexity
Scan AWS's IP space for http ports as seen on https://trickest.com/blog/cloudflare-bypass-discover-ip-addresses-aws and https://trickest.com/blog/hundreds-of-ssrfs
carlospolop

Subdomain Enumeration - @trick3st_bot Edition

Complexity
The workflow that powers the subdomain enumeration feature of the best security automation Twitter bot https://twitter.com/trick3st_bot
trickest-mhmdiaa

Asset Discovery & Vulnerability Scanning

Complexity
Discover hostnames comprehensively through passive and active techniques, enumerate web servers, scan for open ports, and discover vulnerabilities, disclosed secrets, exposed panels, and more. The workflow uses previous results as seeds; run it regularly and it may discover new assets every time. To start, set your domain name, wordlist limit, vulnerability filter, Trickest token, and workflow ID
trickest-mhmdiaa

Full Subdomain Enumeration

Complexity
Enumerate subdomains for a list of domains using multiple effective techniques. Follow along the workflow creation process on https://trickest.com/blog/full-subdomain-brute-force-discovery-using-workflow/
carlospolop

Screenshots and Analysis

Complexity
Take screenshots of a list of web servers (in parallel) and analyze the screenshots using eyeballer
trickest-mhmdiaa

Simple Visual Recon

Complexity
Find subdomains, check for available web servers and screenshot them.
trickest

Custom subdomain brute-force wordlist from IP ranges

Complexity
Generate a custom subdomain brute-force wordlist from a list of CIDRs/IP ranges
trickest-mhmdiaa

Inventory 2.0 - Web Servers

Complexity
Find live web servers for a list of subdomains. Check out the web servers of public bug bounty programs on https://github.com/trickest/inventory
trickest-mhmdiaa

Inventory 2.0 - Cloud Assets

Complexity
Enumerate cloud assets for a list of companies/hosts, across AWS, GCP, Azure, DigitalOcean, Linode, and other cloud providers. Check out the cloud assets of public bug bounty programs on https://github.com/trickest/inventory
trickest-mhmdiaa

Inventory 2.0 - Hostnames

Complexity
Enumerate hostnames/subdomains for a list of domains using multiple passive and active techniques. Check out the hostnames of public bug bounty programs on https://github.com/trickest/inventory
trickest-mhmdiaa

34 M Wordlist Subdomain Brute-Force

Complexity
Brute-Force subdomain with a huge wordlist
zaric

Hostnames S3 Bucket Finder

Complexity
Find s3 buckets by permutations of already known hostnames.
zaric

Get IPs and CNAMEs

Complexity
Get a list of IP addresses and CNAME values from a list of hosts.
zaric

Inventory 1.0

Complexity
Create a comprehensive and organized asset inventory of one or more companies - Check out the inventories of public bug bounty programs on https://github.com/trickest/inventory
trickest-mhmdiaa

Enumerate cloud resources

Complexity
Find cloud resources across different providers based on a target's name and hostnames
trickest-mhmdiaa

IP Ranges Port Scan

Complexity
Port-scan a list of IP ranges
trickest-mhmdiaa

Subdomain Port Scan

Complexity
Resolve and port-scan a list of subdomains
trickest-mhmdiaa

ProjectDiscovery Chaos - Gatherer

Complexity
Gather all subdomains from ProjectDiscovery's Chaos.
trickest-mhmdiaa