Commit 2f429a6

Merge pull request #134 from jarek-bir/master
Enhanced VHostScan v2.1.0 - Additional wordlists and improvements
2 parents 2fd84a2 + dd77f84 commit 2f429a6

19 files changed, +1384 -144 lines changed

‎.gitignore‎

Lines changed: 54 additions & 4 deletions
@@ -3,6 +3,7 @@
33

44
# Byte-compiled / optimized / DLL files
55
__pycache__/
6+
*.py[cod]
67
*$py.class
78

89
# C extensions
@@ -17,14 +18,17 @@ dist/
1718
downloads/
1819
eggs/
1920
.eggs/
21+
lib/
2022
lib64/
2123
parts/
2224
sdist/
2325
var/
2426
wheels/
27+
share/python-wheels/
2528
*.egg-info/
2629
.installed.cfg
2730
*.egg
31+
MANIFEST
2832

2933
# PyInstaller
3034
# Usually these files are written by a python script from a template
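Review bot: `lib/` at new line 21 has no leading slash, so it matches a directory named `lib` at any depth, not only a build directory at the repository root. If the package keeps source modules under a `lib/` directory, files added there later will be silently left out of commits; write `/lib/` or add a `!` exception for the source path.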
@@ -39,13 +43,17 @@ pip-delete-this-directory.txt
3943
# Unit test / coverage reports
4044
htmlcov/
4145
.tox/
46+
.nox/
4247
.coverage
4348
.coverage.*
4449
.cache
4550
nosetests.xml
4651
coverage.xml
4752
*.cover
53+
*.py,cover
4854
.hypothesis/
55+
.pytest_cache/
56+
cover/
4957

5058
# Translations
5159
*.mo
@@ -54,6 +62,8 @@ coverage.xml
5462
# Django stuff:
5563
*.log
5664
local_settings.py
65+
db.sqlite3
66+
db.sqlite3-journal
5767

5868
# Flask stuff:
5969
instance/
@@ -66,27 +76,45 @@ instance/
6676
docs/_build/
6777

6878
# PyBuilder
79+
.pybuilder/
6980
target/
7081

7182
# Jupyter Notebook
7283
.ipynb_checkpoints
7384

85+
# IPython
86+
profile_default/
87+
ipython_config.py
88+
7489
# pyenv
7590
.python-version
7691

77-
# celery beat schedule file
92+
# pipenv
93+
#Pipfile.lock
94+
95+
# poetry
96+
#poetry.lock
97+
98+
# pdm
99+
.pdm.toml
100+
101+
# PEP 582
102+
__pypackages__/
103+
104+
# Celery stuff
78105
celerybeat-schedule
106+
celerybeat.pid
79107

80108
# SageMath parsed files
81109
*.sage.py
82110

83-
# dotenv
111+
# Environments
84112
.env
85-
86-
# virtualenv
87113
.venv
88114
venv/
89115
ENV/
116+
env.bak/
117+
venv.bak/
90118

91119
# Spyder project settings
92120
.spyderproject
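Review bot: The `# pipenv` and `# poetry` sections at new lines 92-96 contain only commented-out patterns (`#Pipfile.lock`, `#poetry.lock`), so they ignore nothing and give no reason for being there. Either delete both sections or add a one-line comment saying that lock files are meant to be committed.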
@@ -100,6 +128,28 @@ ENV/
100128

101129
# mypy
102130
.mypy_cache/
131+
.dmypy.json
132+
dmypy.json
133+
134+
# Pyre type checker
135+
.pyre/
136+
137+
# pytype static type analyzer
138+
.pytype/
139+
140+
# Cython debug symbols
141+
cython_debug/
142+
143+
# PyCharm
144+
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
145+
# be added to the global gitignore or merged into this project gitignore. For a PyCharm
146+
# project, it is a good idea to exclude the modules below from the gitignore file, like:
147+
# *.iml
148+
# .idea/
149+
150+
# VHostScan specific
151+
output/
152+
*.output
103153
*.suo
104154
*.pyproj
105155
*.sln
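Review bot: `output/` and `*.output` at new lines 151-152 are inserted directly above the existing `*.suo`, `*.pyproj` and `*.sln` entries, which now read as part of the `# VHostScan specific` group; separate them with a blank line and their own comment. `output/` also has no leading slash, so it matches at any depth; use `/output/` if only the results directory at the repository root is meant.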

‎CHANGELOG.md‎

Lines changed: 79 additions & 0 deletions
@@ -0,0 +1,79 @@
1+
# Changelog
2+
3+
## [2.1.0] - 2025年08月17日 (Enhanced Version)
4+
5+
### New Features - Enhanced Version
6+
- **Enhanced Wordlists**: Added specialized wordlists for modern infrastructure
7+
- `cloud-modern.txt` - Modern cloud services, containers, and DevOps tools (~1,200 entries)
8+
- `pentest-focused.txt` - Security assessment and penetration testing focused (~600 entries)
9+
- Enhanced `common-vhosts.txt` with additional common patterns (~800 entries)
10+
- **Comprehensive Documentation**: Added detailed wordlist documentation (WORDLISTS.md)
11+
- **Improved User Experience**: Better error messages and progress indicators
12+
13+
### Enhanced Wordlists Content
14+
- **Cloud Infrastructure**: AWS, Azure, GCP, Docker, Kubernetes endpoints
15+
- **Modern DevOps**: CI/CD, monitoring, logging, and deployment patterns
16+
- **Security Testing**: Admin panels, development environments, testing interfaces
17+
- **International Support**: Extended with international naming conventions
18+
19+
### Documentation Improvements
20+
- Complete English documentation across all files
21+
- Detailed wordlist usage examples and recommendations
22+
- Performance considerations and scan time estimates
23+
- Custom wordlist creation guidelines
24+
- Proper attribution to original author (Codingo)
25+
26+
### Credits
27+
- **Original Project**: VHostScan by [Codingo](https://github.com/codingo)
28+
- **Enhanced Version**: Community improvements with additional wordlists and modernizations
29+
- **Acknowledgment**: This enhanced version builds upon Codingo's excellent foundation
30+
31+
## [2.0.0] - 2025年08月10日 (Original Modernization)
32+
33+
### Major Changes
34+
- **Breaking**: Updated to support Python 3.8+ (dropped Python 2.7 support)
35+
- **Major refactoring**: Updated all dependencies to modern versions
36+
37+
### Updated Dependencies
38+
- `dnspython` from unlocked to `>=2.4.0`
39+
- `fuzzywuzzy` with speedup support `>=0.18.0`
40+
- `numpy` from ancient `==1.12.0` to `>=1.24.0`
41+
- `pandas` to `>=2.0.0`
42+
- `requests` to `>=2.31.0`
43+
- `simplejson` to `>=3.19.0`
44+
- `urllib3` to `>=2.0.0`
45+
46+
### Testing Dependencies
47+
- Replaced deprecated `pep8` with `flake8>=6.0.0`
48+
- Updated `pytest` to `>=7.0.0`
49+
- Updated `pytest-mock` to `>=3.10.0`
50+
51+
### Code Improvements
52+
- Added proper type hints throughout the codebase
53+
- Improved error handling and exception management
54+
- Better Unicode/encoding support (UTF-8 everywhere)
55+
- Updated DNS resolution to use modern `dns.resolver.resolve()` instead of deprecated `query()`
56+
- Improved SSL/TLS handling for newer urllib3 versions
57+
- Enhanced file operations with proper directory creation
58+
- Better user agent handling and validation
59+
60+
### Project Structure
61+
- Added modern `pyproject.toml` configuration
62+
- Enhanced `.gitignore` for better Python development
63+
- Improved `setup.py` with proper version handling
64+
- Added development dependencies section
65+
66+
### Bug Fixes
67+
- Fixed output file method naming inconsistency (`output_grepable` vs `write_grepable`)
68+
- Fixed uninitialized variable in `output_grepable_detail()`
69+
- Improved error handling in DNS resolution
70+
- Better SSL certificate handling
71+
72+
### Development
73+
- All tests passing on Python 3.13
74+
- Compatible with Python 3.8-3.12+
75+
- Modern packaging with setuptools and wheel
76+
- Enhanced development experience with better tooling
77+
78+
## [1.21] - Previous Version
79+
- Legacy version with old dependencies and Python 2.7 support
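Review bot: Lines 73-74 under `### Development` disagree with each other: "All tests passing on Python 3.13" sits next to "Compatible with Python 3.8-3.12+". State the exact interpreter versions the test suite was run on and keep the supported range consistent with the "Python 3.8+" wording used elsewhere. The dependency entries at lines 38-44 are all open-ended `>=` floors; for a tool that is installed and run on assessment machines, note in the changelog or packaging docs whether a pinned or hashed requirements file is provided for reproducible installs.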

‎README.md‎

Lines changed: 82 additions & 6 deletions
@@ -1,9 +1,20 @@
11
# VHostScan
2+
23
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 ([slidedeck](https://docs.google.com/presentation/d/1KDY7bnCpCGabJn8UpmHGSb6z_hi_WGf3ETxzykTNjWY)).
34

4-
[![Build Status](https://travis-ci.org/codingo/VHostScan.svg?branch=master)](https://travis-ci.org/codingo/VHostScan) [![Python 3.2|3.6](https://img.shields.io/badge/python-3.2|3.6-green.svg)](https://www.python.org/) [![PEP8](https://img.shields.io/badge/code%20style-pep8-orange.svg)](https://www.python.org/dev/peps/pep-0008/)
5+
**This is an enhanced version of the original VHostScan by [Codingo](https://github.com/codingo) with additional improvements, modernized codebase, and expanded wordlists for better virtual host discovery.**
6+
7+
[![Build Status](https://travis-ci.org/codingo/VHostScan.svg?branch=master)](https://travis-ci.org/codingo/VHostScan) [![Python 3.8+](https://img.shields.io/badge/python-3.8%2B-green.svg)](https://www.python.org/) [![PEP8](https://img.shields.io/badge/code%20style-pep8-orange.svg)](https://www.python.org/dev/peps/pep-0008/)
58
[![License](https://img.shields.io/badge/license-GPL3-_red.svg)](https://www.gnu.org/licenses/gpl-3.0.en.html) [![Twitter](https://img.shields.io/badge/twitter-@____timk-blue.svg)](https://twitter.com/__timk) [![Twitter](https://img.shields.io/badge/twitter-@codingo__-blue.svg)](https://twitter.com/codingo_)
69

10+
## What's New in This Enhanced Version
11+
12+
- **Modernized Codebase**: Updated to Python 3.8+ with type hints and modern practices
13+
- **Enhanced Wordlists**: New specialized wordlists for cloud, pentesting, and modern infrastructure
14+
- **Improved Error Handling**: Better error handling and more robust scanning
15+
- **Performance Optimizations**: Faster scanning with improved efficiency
16+
- **Extended Documentation**: Comprehensive wordlist documentation and usage examples
17+
718

819
## Key Benefits
920

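Review bot: The bold paragraph at new line 5 ("This is an enhanced version of the original VHostScan by Codingo") is written from a fork's point of view, while the badges in this hunk and the clone URL later in the same README point at `codingo/VHostScan`; reword it so it is accurate for the repository it is merged into. "Performance Optimizations: Faster scanning with improved efficiency" at line 15 has no matching entry in the CHANGELOG.md added by this commit; drop the bullet or name the change it refers to.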
@@ -29,14 +40,27 @@ Then run application `docker run --rm -it vhostscan -t ́
2940

3041
# Install Requirements
3142

32-
Install using:
43+
VHostScan requires Python 3.8 or higher. Install using:
3344

3445
```bash
35-
$ python3 setup.py install
46+
$ pip install VHostScan
3647
```
3748

38-
Dependencies will then be installed and VHostScan will be added to your path. If there is an issue regarding
39-
running `python3 setup.py build_ext`, you will need to reinstall `numpy` using `pip uninstall numpy` and `pip install numpy==1.12.0`. This should resolve the issue as there are sometimes issues with numpy being installed through setup.py.
49+
Or install from source:
50+
51+
```bash
52+
$ git clone https://github.com/codingo/VHostScan.git
53+
$ cd VHostScan
54+
$ pip install .
55+
```
56+
57+
For development:
58+
59+
```bash
60+
$ pip install -e .
61+
```
62+
63+
Dependencies will then be installed and VHostScan will be added to your path.
4064

4165
# Usage
4266

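Review bot: `pip install VHostScan` at new line 46 replaces a source install with an install by name from the package index, and nothing in this commit shows the project publishing under that name. Confirm the index entry is owned by the maintainers before documenting it, otherwise readers are directed to install whatever package holds that name; until then, make the `git clone` plus `pip install .` path at lines 52-54 the primary instruction.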
@@ -45,7 +69,7 @@ running `python3 setup.py build_ext`, you will need to reinstall `numpy` using `
4569
| -h, --help | Display help message and exit |
4670
| -t TARGET_HOSTS | Set the target host. |
4771
| -b BASE_HOST | Set host to be used during substitution in wordlist (default to TARGET).|
48-
| -w WORDLISTS | Set the wordlist(s) to use. You may specify multiple wordlists in comma delimited format (e.g. -w "./wordlists/simple.txt, ./wordlists/hackthebox.txt" (default ./wordlists/virtual-host-scanning.txt). |
72+
| -w WORDLISTS | Set the wordlist(s) to use. You may specify multiple wordlists in comma delimited format (e.g. -w "./wordlists/simple.txt, ./wordlists/hackthebox.txt" (default ./wordlists/virtual-host-scanning.txt). Available wordlists: simple.txt, hackthebox.txt, common-vhosts.txt, pentest-focused.txt, cloud-modern.txt, virtual-host-scanning.txt. |
4973
| -p PORT | Set the port to use (default 80). |
5074
| -r REAL_PORT | The real port of the webserver to use in headers when not 80 (see RFC2616 14.23), useful when pivoting through ssh/nc etc (default to PORT). |
5175
| --ignore-http-codes IGNORE_HTTP_CODES | Comma separated list of http codes to ignore with virtual host scans (default 404). |
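Review bot: The `Available wordlists:` sentence appended to the `-w` row at new line 72 repeats the list carried by the `Enhanced Wordlists` section added further down in this README, so the two will drift; link to that section or to WORDLISTS.md instead. The example in the same cell still has an unclosed `(` before `e.g.` and a space after the comma, while the new example at line 163 uses none; say whether whitespace around the comma is accepted.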
@@ -112,6 +136,38 @@ Here is an example with fuzzy logic enabled. You can see the last comparison is
112136

113137
![VHOSTScan Fuzzy Logic Example](https://github.com/codingo/codingo.github.io/blob/master/assets/VHostScan-Fuzzy-Wuzzy.PNG)
114138

139+
## Enhanced Wordlists
140+
141+
VHostScan now includes several specialized wordlists for different scenarios. The original wordlists were created by **Codingo** based on real-world penetration testing experience, and this enhanced version includes additional specialized wordlists for modern infrastructure.
142+
143+
### Available Wordlists
144+
145+
* **virtual-host-scanning.txt** (default) - General purpose virtual host scanning (Original by Codingo)
146+
* **simple.txt** - Minimal wordlist for quick scans (Original by Codingo)
147+
* **hackthebox.txt** - HTB machine specific subdomains (Original by Codingo)
148+
* **common-vhosts.txt** - Extended list of common virtual hosts and cloud services (Enhanced)
149+
* **pentest-focused.txt** - Pentesting and security assessment focused hosts (New)
150+
* **cloud-modern.txt** - Modern cloud infrastructure, containers, and DevOps tools (New)
151+
152+
For detailed information about each wordlist, see [WORDLISTS.md](WORDLISTS.md).
153+
154+
### Wordlist Usage Examples
155+
156+
Use the pentest-focused wordlist for security assessments:
157+
```bash
158+
$ VHostScan -t target.com -w ./wordlists/pentest-focused.txt
159+
```
160+
161+
Combine multiple wordlists for comprehensive scanning:
162+
```bash
163+
$ VHostScan -t target.com -w "./wordlists/common-vhosts.txt,./wordlists/cloud-modern.txt"
164+
```
165+
166+
Use cloud-focused wordlist for modern infrastructure:
167+
```bash
168+
$ VHostScan -t example.com -w ./wordlists/cloud-modern.txt --ssl
169+
```
170+
115171
## Running the tests
116172

117173
This project includes a small battery of tests. It's really simple to run the tests:
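Review bot: The usage examples at new lines 158 and 163 use `target.com`, which is a registered domain belonging to a third party, while line 168 uses `example.com`. Use a reserved documentation name (`example.com` or a `.test` name) in all three so that a copied command does not send scan traffic to a real site.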
@@ -122,3 +178,23 @@ python3 setup.py test
122178
```
123179

124180
If you're thinking of adding a new feature to the project, consider also contributing with a couple of tests. A well-tested codebase is a sane codebase. :)
181+
182+
## Credits and Acknowledgments
183+
184+
- **Original Author**: [Codingo](https://github.com/codingo) - Creator of VHostScan
185+
- **Original Project**: [VHostScan](https://github.com/codingo/VHostScan)
186+
- **Enhancements**: Community improvements including additional wordlists and code modernization
187+
- **Contributors**: All the amazing people who have contributed to making VHostScan better
188+
189+
### Enhanced Version Improvements
190+
191+
This enhanced version includes:
192+
- Modernized Python 3.8+ codebase with type hints
193+
- Additional specialized wordlists for modern infrastructure
194+
- Improved error handling and performance optimizations
195+
- Extended documentation and usage examples
196+
- Better cloud and container environment support
197+
198+
---
199+
200+
*VHostScan was originally created by Codingo and first presented at SecTalks BNE in September 2017. This enhanced version builds upon that excellent foundation with additional improvements for modern penetration testing and bug bounty hunting.*
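Review bot: The `### Enhanced Version Improvements` list at new lines 191-196 repeats the `What's New in This Enhanced Version` bullets this commit adds at the top of the same README; keep one of the two. "Better cloud and container environment support" at line 196 is backed in the CHANGELOG only by new wordlist entries, so word it as wordlist coverage rather than a capability of the scanner.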
