/mildew

Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs

Primary LanguageGoMIT LicenseMIT

mildew

Seed your DoD VDP recon with the latest list of official "dotmil" domains. mildew crawls all the DoD-maintained website directories to scrape unique .mil domains. Then it extracts certificate transparency logs for each discovered root domain for deeper public domain discovery.

Based on the work of dotmil-domains a research project by esonderegger mapping out the DoD's public-facing domain listings:

There currently isn't a publicly available directory of all the domain names registered under the US military's .mil top-level domain. Such a directory would be useful for people looking to get an aggregate view of military websites and how they are hosted.

Install

go get -u github.com/daehee/mildew/cmd/mildew

Usage

mildew

Data Sources

The official DoD website directories:

Certificate transparency logs:

Report Vulnerabilities

Read the DoD Vulnerability Disclosure Policy and submit a vulnerability report at HackerOne.