0004341: VHostScan - Virtual Host Scanner - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0004341	Kali Linux	Queued Tool Addition	public	2017-11-07 05:03	2020-06-17 14:58

Reporter	codingo	Assigned To
Priority	normal	Severity	minor	Reproducibility	N/A
Status	acknowledged	Resolution	open

Summary	0004341: VHostScan - Virtual Host Scanner
Description	Github: https://github.com/codingo/VHostScan A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results have dynamic content on the page (such as the time) Identify aliases by tweaking the unique depth of matches Wordlist supports standard words and a variable to input a base hostname (for e.g. dev.%s from the wordlist would be run as dev.BASE_HOST) Works over HTTP and HTTPS Ability to set the real port of the webserver to use in headers when pivoting through ssh/nc Add simple response headers to bypass some WAF products Identify new targets by using reverse lookups and append to wordlist

g0tmi1k 2018-01-29 15:18 administrator ~0008498	To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us): [Name] - The name of the tool [Version] - What version of the tool should be added? --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag) [Homepage] - Where can the tool be found online? Where to go to get more information? [Download] - Where to go to get the tool? [Author] - Who made the tool? [Licence] - How is the software distributed? What conditions does it come with? [Description] - What is the tool about? What does it do? [Dependencies] - What is needed for the tool to work? [Similar tools] - What other tools are out there? [How to install] - How do you compile it? [How to use] - What are some basic commands/functions to demonstrate it?

codingo 2018-01-30 05:25 reporter ~0008559	As requested: [Name] - VHostScan [Version] - Releases are built and tagged on github, the latest is 1.21 [Homepage] - https://github.com/codingo/VHostScan/ [Download] - https://github.com/codingo/VHostScan/releases [Author] - @codingo_ and @__timk [Licence] - GPLv3 [Description] A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. [Dependencies] Python 3.2, library dependencies outlined here: https://github.com/codingo/VHostScan/blob/master/requirements.txt [Similar tools] Burp Suite Professional can achieve a similar outcome and NMap has an NSE scan to scan for hosts however having a dedicated tool adds flexibility and speed to discovering hosts. [How to install] Either via the setup.py within the repository or by running [ pip install -r requirements.txt ] after cloning. [How to use] Screenshots and explanations can be found in the base readme file of the repository: https://github.com/codingo/VHostScan/blob/master/README.md

codingo 2018-05-01 11:59 reporter ~0009078	Just touching base to see if anything further can be provided to move this along?

g0tmi1k 2020-03-25 13:34 administrator ~0012540	@kali-team, please could this be packaged up. @author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Date Modified	Username	Field	Change
2017-11-07 05:03	codingo	New Issue
2018-01-29 10:24	g0tmi1k	Summary	Add VHostScan - Virtual Host Scanner => VHostScan - Virtual Host Scanner
2018-01-29 15:18	g0tmi1k	Note Added: 0008498
2018-01-30 05:25	codingo	Note Added: 0008559
2018-05-01 11:59	codingo	Note Added: 0009078
2020-03-25 13:34	g0tmi1k	Note Added: 0012540
2020-03-25 13:34	g0tmi1k	Status	new => acknowledged
2020-03-25 13:34	g0tmi1k	Category	New Tool Requests => Queued Tool Addition
2020-06-17 14:58	g0tmi1k	Severity	feature => minor