Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains.

Related tags

Security related resourcescybersecuritypentestingethical-hackingsubdomain-scannersubdomain-enumerationpentesting-toolsethical-hacking-toolssubdomain-finder
Overview

Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains.

File Structure

  • core/
    • colors.py
  • db/
    • wordlist.txt
  • README.md
  • LICENCE
  • subx.py
  • args.json

Installation

▶ git clone https://github.com/whoamisec75/subx.git
▶ cd subx
▶ python3 subx.py

Usage

First add domain, concurrency, wordlist in args.json:

{
    "domain": "google.com", 
    "concurrency": 40, 
    "wordlist": "db/wordlist.txt" 
}

Now run the tool:

▶ python3 subx.py
               __         
   _______  __/ /_  _  __
  / ___/ / / / __ \| |/_/
 (__  ) /_/ / /_/ />  <  
/____/\__,_/_.___/_/|_|  @whamisec
                         

[INF] :: Domain       : google.com
[INF] :: Concurrency  : 40
[INF] :: Wordlist     : db/wordlist.txt

[RES] http://www.google.com
[RES] http://images.google.com
[RES] http://video.google.com
[RES] http://image.google.com
[RES] https://services.google.com
[RES] https://search.google.com
[RES] https://music.google.com
[RES] https://home.google.com
[RES] https://ads.google.com
[RES] https://blog.google.com
[RES] https://chat.google.com
...

Similarly if you want to find subdomains of another domain then just edit the args.json:

Finding subdomains of microsoft.com

{
    "domain": "microsoft.com", 
    "concurrency": 40, 
    "wordlist": "db/wordlist.txt" 
}

run the tool:

               __        
   _______  __/ /_  _  __
  / ___/ / / / __ \| |/_/
 (__  ) /_/ / /_/ />  <  
/____/\__,_/_.___/_/|_|  @whamisec
                         

[INF] :: Domain       : microsoft.com
[INF] :: Concurrency  : 40
[INF] :: Wordlist     : db/wordlist.txt

[RES] https://admin.microsoft.com
[RES] https://www.microsoft.com
[RES] https://support.microsoft.com
[RES] https://img.microsoft.com
[RES] https://download.microsoft.com
[RES] https://ads.microsoft.com
[RES] https://test.microsoft.com
[RES] https://shop.microsoft.com
[RES] https://dev.microsoft.com
[RES] https://music.microsoft.com
[RES] https://lists.microsoft.com
[RES] https://business.microsoft.com
[RES] https://s.microsoft.com
[RES] https://i.microsoft.com
[RES] https://apps.microsoft.com
[RES] https://dns.microsoft.com
[RES] https://connect.microsoft.com
...
You might also like...
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.

DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.

null 2 Feb 5, 2022
Rapidly enumerate subdomains and domains using rapiddns.io.
Rapidly enumerate subdomains and domains using rapiddns.io.

Description Simple python module (unofficial) allowing you to access data from rapiddns.io. You can also use it as a module. As mentioned on the rapid

null 27 Dec 31, 2022
Get related domains / subdomains by looking at Google Analytics IDs
Get related domains / subdomains by looking at Google Analytics IDs

DomainRelationShips ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ██║██╔══██╗ ██║ ██║█████

Josué Encinar 161 Jan 2, 2023
A Tool to find subdomains from hackerone reports.
A Tool to find subdomains from hackerone reports.

Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o

Stinger 15 Jul 24, 2022
A small Python Script To get all levels of subdomains from a list

getlevels A small Python Script To get all levels of subdomains Easily get 1st level, 2nd level, 3rd level, 4th level .... nth level subdomains Usag

null 9 Feb 15, 2022
A Tool for subdomain scan with other tools

ReconTracer A Tool for subdomain scan with other tools ReconTracer Find subdomains by using another amazing sources!. Obs: In a close future recontrac

null 15 Dec 18, 2021
SubFind - Subdomain Finder Tools
SubFind - Subdomain Finder Tools

SubFind (Subdomain Finder Tools) Info Tools Result Of Subdomain Command In Termi

LangMurpY 2 Jan 25, 2022
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

Eslam Akl 45 Dec 28, 2022
Local File Inclusion Scanner and Exploiter
Local File Inclusion Scanner and Exploiter

LFI-Paradise Local File Inclusion Scanner and Exploiter Features 1- Scanner 2- E

null 11 Sep 4, 2022
Releases(1.0)
Owner
whoami security
All around cybersecurity
whoami security
GitHub Repository
A proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228)

CVE-2021-44228 – Log4j RCE Unauthenticated About This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228). This vulnerability

Pedro Havay 20 Nov 11, 2022
Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods

Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods This repository is the official implementation of Seohong Park, Jaeky

Seohong Park 6 Aug 02, 2022
Dependency injection in python with autoconfiguration

The base is a DynamicContainer to autoconfigure services using the decorators @services for regular services and @command_handler for using command pattern.

Sergio Gómez 2 Jan 17, 2022
Security audit Python project dependencies against security advisory databases.

Security audit Python project dependencies against security advisory databases.

52 Dec 17, 2022
This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way

Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service

Francesco 3 Nov 23, 2022
使用golang重写开源工具wafw00f

GO-WAFW00F 介绍 WAFW00F是一款优秀的web应用防火墙识别开源工具:https://github.com/EnableSecurity/wafw00f 使用Golang重写的原因:Python环境配置不便利,Golang打包生成可执行文件直接运行 目前还在开发阶段,规则解析存在小问题

80 Dec 30, 2021
neo Tool is great one in binary exploitation topic

neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it

Hamza Elansari 4 Oct 10, 2022
Python exploit code for CVE-2021-4034 (pwnkit)

Python3 code to exploit CVE-2021-4034 (PWNKIT). This was an exercise in "can I make this work in Python?", and not meant as a robust exploit. It Works

Joe Ammond 92 Dec 29, 2022
CVE-2021-43798Exp多线程批量验证脚本

Grafana V8.*任意文件读取Exp--多线程批量验证脚本 漏洞描述 Grafana是一个开源的度量分析与可视化套件。经常被用作基础设施的时间序列数据和应用程序分析的可视化,它在其他领域也被广泛的使用包括工业传感器、家庭自动化、天气和过程控制等。其 8.*版本任意文件读取漏洞,该漏洞目前为0d

2 Dec 16, 2021
DNSSEQ: PowerDNS with FALCON Signature Scheme

PowerDNS-based proof-of-concept implementation of DNSSEC using the post-quantum FALCON signature scheme.

Nils Wisiol 4 Feb 03, 2022
All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

Cracker 331 Jan 01, 2023
Simple and easy framework for phishing 🎣

👋 It's in beta, I'm still building How to install Linux and Termux: Clone Rp: git clone https://github.com/J4c5/superfish.git Install the dependencie

Jack 4 Jan 27, 2022
Scan your logs for CVE-2021-44228 related activity and report the attackers

jndiRep - CVE-2021-44228 Basically a bad grep on even worse drugs. search for malicious strings decode payloads print results to stdout or file report

js-on 2 Nov 24, 2022
Python Library For Ethical Hacker

Python Library For Ethical Hacker

11 Nov 03, 2022
Brute force attack tool for Azure AD Autologon/Seamless SSO

Brute force attack tool for Azure AD Autologon

nyxgeek 89 Jan 02, 2023
Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints.

jolokia-exploitation-toolkit Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints. Core concept Jolokia is a protocol br

Laluka 194 Jan 01, 2023
Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.

log4shell_finder Python port of https://github.com/mergebase/log4j-detector log4j-detector is copyright (c) 2021 - MergeBase Software Inc. https://mer

Hynek Petrak 33 Jan 04, 2023
Threat research and reporting from IronNet's Threat Research Teams

IronNet Threat Research 🕵️ Overview This repository contains IronNet's Threat Research. Research & Reporting 📝 Project Description Cobalt Strike Res

36 Dec 02, 2022
Installation of hacking tools

Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.

1 Nov 10, 2021
Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more

Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Application for remote cod

96 Jan 02, 2023