RSnake’s Fierce Domain Scanner
By Daniel Miessler on August 24th, 2008: Tagged as Information Security
Here’s a link to RSnake’s Fierce Domain Scanner. Here’s what it does, from the site:
Fierce domain scan was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It’s terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can miss huge chunks of networks.
(snip)
Fierce is a reconnaissance tool. Fierce is a PERL script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics.
I coded my own way of doing this when I was doing assessments for a living. But mine ended up being like three separate tools (hostfind, gscour, and a zone transfer tool). I never did integrate them all the way, though, and I would have used this one instead if I had known about it.
If you do assessments and you need to determine targets on a given domain, check it out.