Waldo is a new security tool which brute forces subdomains and also directories depending on the mode it is placed in. It is multi-threaded and multi-processed which makes it very fast. The leading tool that comes to mind is Dirbuster which is based on Java. Waldo is written in python and we plan on maintaining this open source project.
sudo python waldo.py -m s -w default.txt -d starbucks.com -t 2
Waldo comes with a default wordlist however with the proper flags set, you can specify you own. You can also specify the amount of threads to spin up. In the above example, I just used 2 which returns results pretty quickly. Waldo also tells you the server response codes. It is programmed to only show valid redirects and 200 OK's. You may see result 0 is www.starbucks.com and result 50 is mail. Instead of displaying 0-50 as bad pages, we only show valid pages. Mostly I care about 200's. Lets checkout "e.starbucks.com"
What the heck is that ? I don't know, it could be some sort of validation or status code.... or something used for mobile, not sure. Im sure could google it and get more results but anyhow. It's just an example. You can switch the mode from "s" (subdomain) to "d" which would look up directories like Dirbuster does. I think with using python, it functions much better than Java. We do have future plans to probably put in proxy support, logging, and other smart checks like looking at robots.txt and other things. Anyhow, support our project here!
intl.starbucks.com looked interesting...here is what comes up... smh
Scott "R4v3N", co-founder and trainer for Top-Hat-Sec.