Getting started
Knowledge hub
- Overview
-
-
- 34 M Wordlist Subdomain Brute Force
- Asn Based Network Scan
- Asset Discovery and Vulnerability Scanning
- Custom Subdomain Brute Force Wordlist From Ip Ranges
- Enumerate Cloud Resources
- Full Subdomain Enumeration
- Get Ips and Cnames
- Getdns
- Github Recon and Scanner
- Hostnames S3 Bucket Finder
- Simple Content Discovery
-
-
- amass
- anew
- apkurlgrep
- assetfinder
- cent
- cero
- cewl
- cloudenum
- crosslinked
- dnsdumpster-dns-lookup
- dnsdumpster-host-search
- dnstwist
- dnsvalidator
- dsieve
- dumpsterdiver
- eyeballer
- ffuf
- find-gh-poc
- findomain
- gau
- generate-yaml-report
- get-asn-prefixes
- get-trickest-output
- gf
- github-subdomains
- goaltdns
- gospider
- gotator
- hakcheckurl
- httprobe
- httpx
- infoga
- ipinfo
- jldc-subdomains
- katana
- mapcidr
- mass-linkfinder
- masscan
- massdns
- meg
- mksub
- naabu
- notify
- nrich
- nuclei
- oneforall
- puredns
- pymeta
- s3scanner
- securitytrails-subdomains
- spiderfoot
- sslyze
- subdomainizer
- subfinder
- tlsx
- uncover
- unfurl
- uro
- vita
- webanalyze-1
- webanalyze
- x8
Tutorials
- Creating a Workflow
- Downloading a Result
- Executing a Workflow
- How Do Machines Work
- Keeping Track of a Run
- Navigating in Workflow Editor
- Overview
- Saving a Workflow and History
- Scheduling a Workflow
- Using Workflows From Library
Concepts
cero
Basic Usage Examples
Scrap Domain Names Of Multiple Targets
Cero allows flexible specification of targets, including domain names, IP addresses, and CIDR ranges, with full support for IPv6.
Provide a file containing a list of targets to the targets input (check Setting file guide).
In example(s) below we are using a sample file.
Scrap domain names for given targets
Improvements
Increase Concurrency
Cero is fast and concurrent tool. The default concurrency level is 100 with possibility to be modified.
The concurrency level can be set by passing the desired value to the concurrency input (type String).
Increase concurrency to 1000
Decrease TLS Connection Timeout
Cero is scraping domain names during TLS handshake once connect to the remote host. Default TLS connection timeout is 4 seconds with possibility to be modified.
The TLS connection timeout can be set by passing the desired value (in seconds) to the tls-timeout input (type String).
Decrease TLS Connection timeout to 1 second
Filter Invalid Domain Names
Use filter-output boolean input to automatically strip invalid domain names (e.g. wildcards, bare IPs and usual gibberish).
Output only valid domain names
Support amass-intel
To space things up and get maximum results in case of utilizing amass-intel tool, use it in tandem with cero (to extract domains from SSL certificates) and dnsx/hakrevdns (to resolve domains and then reverse-lookup them).
Notable Workflows
Get a Video Demo
Fill out and submit this form to receive an in-depth video demo of the Trickest platform.
Talk To Sales
Fill out the form and we'll get back to you about any questions you have on our products, services, pricing, or scheduling a demo.