Skip to content
/ SubdomainFinder Public

SubdomainFinder is a tool for collecting subdomains. It increases the range of information gathering during the penetration test.

25 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Threezh1/SubdomainFinder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
css
css
 
 
README.md
README.md
 
 
SubdomainFinder.py
SubdomainFinder.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

SubdomainFinder

SubdomainFinder is a tool for collecting subdomains. It increases the range of information gathering during the penetration test.

The reason for writing this tool is that my computer can't use Sublist3r, I don't want to spend time configuring the environment for it.

Also, since I don't know enough about multithreading now, I didn't add the part of the brute subdomain, I believe I will add it in later versions.

When collecting the netcraft part, refer to Sublist3r. The rest is written by myself.

Introduction

Auth: Threezh1
Blog: http://www.threezh1.com/

  • Python Version: 3.7

  • Dependencies: pip3 install -r requirements.txt

  • Channels for collecting subdomains:

    crt, dnsdumpster, threatcrowd, virustotal, natcraft, google transparencyreport, ask, baidu, bing, so, google

  • Have to be aware of is:

    • Please make sure the network can access websites such as google
    • A single part may report an error, but does not affect the overall use.
    • If an error occurs, please wait a while and try again

  • Problems at the current stage:

    • When the number of subdomains is very large, the program may have to wait for a long time and get stuck with a small probability.
    • Some channels will be invalid due to network factors
    • The speed of collection is not particularly fast

PS:In the windows, it is recommended to run with cmder.

API

Usage

usage: SubdomainFinder.py [-h] -d DOMAIN [-o] [-html]

Short Form Long Form Description
-h --help show this help message and exit
-d --domain Domain name to enumerate subdomains of
-o --output Output file name ,the domain name is thefile_name.txt
-html --html Output html, the domain name is the file_name.html

Example

  • Simple:

python3 SubdomainFinder.py -d mi.com

simple Example

  • Output to txt:

The output is a txt file, the default name is mi_com.txt

python3 SubdomainFinder.py -d mi.com -o

  • Output to html:

python3 SubdomainFinder.py -d mi.com -html

Get more information about the subdomain, including the page title, ip address, website status, and output it as an html file. The default name is mi_com.html

simple Example

About

SubdomainFinder is a tool for collecting subdomains. It increases the range of information gathering during the penetration test.

Topics

collection information domain subdomain collect domain-api sub-domain threezh1

Resources

Readme
Activity

Stars

25 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages