TargetSet is a compact recon toolkit for bug bounty hunters and pentesters.
It aggregates passive subdomain discovery, allows brute-force (ffuf / puredns), generates permutations (alterx + dnsx), performs live checks (httpx), and includes subdomain takeover checks (subzy). Outputs are organized per-target folder for easy review.
Passive enumeration:
./targetset.sh -d target.com -Ps
Generate permutations:
./targetset.sh -d target.com -Perm -w /path/to/wordlist.txt
Brute-force (+ live check):
./targetset.sh -d target.com -BrF -w /path/to/wordlist.txt -l
Full run:
./targetset.sh -d target.com -Full -w /path/to/wordlist.txt -l
Notes
Install the required external tools (subfinder, assetfinder, findomain, gau, ffuf, puredns, alterx, dnsx, httpx, subzy, jq).
This tool is intended for educational purposes, bug bounty testing, and authorized security assessments only.
You must have explicit permission from the owner of any target domain before running this toolkit.
Unauthorized use may be illegal and is solely your responsibility.