VLAN Scout discovers active VLANs and their configurations through passive monitoring and active probing. The tool identifies VLAN segments by analyzing network traffic and attempting connections across different VLAN IDs. The implementation supports multiple discovery protocols including DHCP, IPv6 neighbor discovery, LLDP, and CDP. VLAN Scout can operate in both passive monitoring mode to observe existing traffic and active probing mode to test VLAN accessibility and configuration.
Portquiz tests outbound TCP and UDP connectivity to remote hosts by attempting connections across specified port ranges. The tool identifies which ports can successfully establish connections through network infrastructure such as firewalls, NAT devices, and proxies. The program can detect deep packet inspection (DPI) filtering and other network-level blocking mechanisms. It supports testing individual ports or scanning complete port ranges, with cross-platform compatibility across Windows, macOS, and Linux systems.
Caddy Dynamic RemoteIP is a Caddy web server module that provides dynamic IP address matching capabilities. The module implements the http.matchers.dynamic_remote_ip matcher, which allows matching requests based on remote IP addresses that are dynamically sourced from configurable modules. Unlike static IP matching, this module enables real-time IP range updates through pluggable IPRangeSource implementations. This is useful for scenarios requiring dynamic access control based on changing IP ranges, such as cloud provider IP lists or threat intelligence feeds.
Broken DNS performs lame delegation checking at scale to identify DNS nameserver configuration issues. The tool validates DNS delegation by checking if nameservers properly respond to queries for zones they are supposed to be authoritative for. The Go implementation can process large numbers of domains and nameservers to detect misconfigurations where nameservers are listed in delegation records but do not actually serve the zone data. This helps identify broken DNS setups that can cause resolution failures.
DNS2mDNS bridges traditional DNS queries with multicast DNS (mDNS) resolution for .local hostnames. The service allows devices that don’t natively support mDNS, such as many Android devices and Windows systems, to resolve local network hostnames through standard DNS queries. The Go implementation acts as a DNS server that intercepts queries for .local domains and forwards them to the mDNS system, then returns the results via standard DNS responses. This enables seamless local hostname resolution across mixed network environments with Docker deployment support.
Extsort is a Go library that implements external sorting algorithms for datasets larger than available memory. The library manages temporary files and memory buffers to sort data that cannot fit entirely in RAM. The implementation uses merge sort with configurable buffer sizes and temporary file management. It provides a standard Go interface for sorting operations while automatically handling the complexity of disk-based intermediate storage and merging phases.
Allxfr performs DNS zone transfers (AXFR) against nameservers to retrieve complete zone files. The tool systematically attempts zone transfers against root zone servers and other configured nameservers to discover available zone data. The program supports both IPv4 and IPv6 connections and includes options for parallel transfers, dry-run operations, and zone file storage. It implements the DNS AXFR protocol to request complete zone transfers from authoritative nameservers that permit such operations.
A Go library and SOCKS5 proxy server that enables egress traffic from multiple IP addresses within a subnet. Stargate randomly distributes network connections across different IP addresses to avoid rate-limiting and provide load balancing across available IP ranges. The tool works best with subnets directly routed to the host and is particularly powerful for IPv6 subnet utilization. It supports both TCP CONNECT and UDP ASSOCIATE protocols and provides both a standalone proxy tool and a Go library for programmatic random IP networking. Requires specific network routing configuration and primarily supports Linux and FreeBSD platforms due to freebind networking capabilities.
CZDS is a Go library and CLI tool for interacting with ICANN’s Centralized Zone Data Service API. It handles authentication, zone file downloads, request submissions, and status monitoring for accessing top-level domain zone data. The implementation supports parallel downloads, request management, and provides both library interfaces for Go applications and standalone command-line functionality. The tool automates the process of requesting and retrieving DNS zone files from ICANN’s centralized service.
CertGraph crawls SSL certificates to map domain relationships through certificate alternate names. The tool builds a directed graph where domains are nodes and certificate alternative names create edges between related domains. The program performs hostname enumeration by following certificate relationships, revealing domain connections that may not be apparent through traditional DNS enumeration. It outputs data in various formats including graphical representations for network topology analysis.