Fierce is a network enumeration tool that uses many techniques (mostly using DNS) to gather a list of IPs controlled by an organization. The most common method is to provide Fierce with a domain. Last week at Security BSides in Las Vegas, I gave a talk about the newest version of Fierce. Version 2.0 includes tons of new functionality that the original version lacked. I also discussed the new functionality of Fierce v2 on Security Justice Episode 26.
Here is a small breakdown of the new techniques: Interactive mode for scanning IPs ranges, TLD bruteforce (also with an interactive mode), Virtual host detection and enumeration, ARIN lookups including lookups for every Nethandle, Whois enumeration, Reporting engine that includes TXT, XML and HTML report formats, rewrote all of the techniques to be Object Oriented with threading, ability to exclude or include techniques to ensure fine grained control of the scan and a ton more!
I have also been working on an XML parser module to extract data from Fierce using Perl. Parsing XML allows pentesters to extract the data from tools so they can automate the mundane tasks and work on more difficult things. The module is already on CPAN.
The official release of Fierce v2.0 can be found at:
To check out the latest version of Fierce v2 from subversion, simply run the following command:
svn co https://svn.assembla.com/svn/fierce/fierce2/trunk/ fierce2/
The XML module (known as Fierce::Parser) can be found at:
If you have any comments, questions or suggestions please let me know.