Lepus is a utility for identifying and collecting subdomains for a given domain. Subdomain discovery is a crucial part during the reconnaissance phase. One of the strength of Lepus lies at Performing several checks on identified domains for potential subdomain-takeover vulnerabilities. The module is enabled with --takeover and is executed after all others. If such a vulnerability is identified, the results are printed in the output and in a .csv file in the respective project folder under the directory with the results. Checks are performed for the following services.
Lepus performs the following.
Services (Collecting subdomains from the below services)
Dictionary mode for identifying domains (optional)
Permutations on discovered subdomains (optional)
Reverse DNS lookups on identified public IPs (optional)