• Diniz Martins

Sublist3r

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS.


Installation:

git clone https://github.com/aboul3la/Sublist3r.git
cd Sublist3r
sudo pip install -r requirements.txt

Dependencies:


Sublist3r depends on the requests, dnspython and argparse python modules.

sudo apt-get install python-requests
sudo apt-get install python-dnspython
sudo apt-get install python-argparse

How it works:


  • To list all the basic options and switches use -h switch:

python sublist3r.py -h

  • To enumerate subdomains of specific domain:

python sublist3r.py -d example.com

  • To enumerate subdomains of specific domain and show only subdomains which have open ports 80 and 443 :

python sublist3r.py -d example.com -p 80,443

  • To enumerate subdomains of specific domain and show the results in realtime:

python sublist3r.py -v -d example.com

  • To enumerate subdomains and enable the bruteforce module:

python sublist3r.py -b -d example.com

  • To enumerate subdomains and use specific engines such Google, Yahoo and Virustotal engines:

python sublist3r.py -e google,yahoo,virustotal -d example.com



38 views0 comments

Recent Posts

See All

BF | Brainfuck

Brainfuck is an esoteric programming language created in 1993 by Urban Müller. Notable for its extreme minimalism, the language consists of only eight simple commands and an instruction pointer. While

Admin-Scanner

This tool is design to find Admin Panel of any website by using custom wordlist or default wordlist easily. Grab the result and paste to your web browser: How to install: Usages: -site <url of website

BAP – Basic Auth Pot | HoneyPot

What is a honeypot? A honeypot is a computer or computer system intended to mimic likely targets of cyberattacks. It can be used to detect attacks or deflect them from a legitimate target. It can also