Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains.

Related tags

Security related resourcescybersecuritypentestingethical-hackingsubdomain-scannersubdomain-enumerationpentesting-toolsethical-hacking-toolssubdomain-finder
Overview

Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains.

File Structure

  • core/
    • colors.py
  • db/
    • wordlist.txt
  • README.md
  • LICENCE
  • subx.py
  • args.json

Installation

▶ git clone https://github.com/whoamisec75/subx.git
▶ cd subx
▶ python3 subx.py

Usage

First add domain, concurrency, wordlist in args.json:

{
    "domain": "google.com", 
    "concurrency": 40, 
    "wordlist": "db/wordlist.txt" 
}

Now run the tool:

▶ python3 subx.py
               __         
   _______  __/ /_  _  __
  / ___/ / / / __ \| |/_/
 (__  ) /_/ / /_/ />  <  
/____/\__,_/_.___/_/|_|  @whamisec
                         

[INF] :: Domain       : google.com
[INF] :: Concurrency  : 40
[INF] :: Wordlist     : db/wordlist.txt

[RES] http://www.google.com
[RES] http://images.google.com
[RES] http://video.google.com
[RES] http://image.google.com
[RES] https://services.google.com
[RES] https://search.google.com
[RES] https://music.google.com
[RES] https://home.google.com
[RES] https://ads.google.com
[RES] https://blog.google.com
[RES] https://chat.google.com
...

Similarly if you want to find subdomains of another domain then just edit the args.json:

Finding subdomains of microsoft.com

{
    "domain": "microsoft.com", 
    "concurrency": 40, 
    "wordlist": "db/wordlist.txt" 
}

run the tool:

               __        
   _______  __/ /_  _  __
  / ___/ / / / __ \| |/_/
 (__  ) /_/ / /_/ />  <  
/____/\__,_/_.___/_/|_|  @whamisec
                         

[INF] :: Domain       : microsoft.com
[INF] :: Concurrency  : 40
[INF] :: Wordlist     : db/wordlist.txt

[RES] https://admin.microsoft.com
[RES] https://www.microsoft.com
[RES] https://support.microsoft.com
[RES] https://img.microsoft.com
[RES] https://download.microsoft.com
[RES] https://ads.microsoft.com
[RES] https://test.microsoft.com
[RES] https://shop.microsoft.com
[RES] https://dev.microsoft.com
[RES] https://music.microsoft.com
[RES] https://lists.microsoft.com
[RES] https://business.microsoft.com
[RES] https://s.microsoft.com
[RES] https://i.microsoft.com
[RES] https://apps.microsoft.com
[RES] https://dns.microsoft.com
[RES] https://connect.microsoft.com
...
You might also like...
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.

DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.

null 2 Feb 5, 2022
Rapidly enumerate subdomains and domains using rapiddns.io.
Rapidly enumerate subdomains and domains using rapiddns.io.

Description Simple python module (unofficial) allowing you to access data from rapiddns.io. You can also use it as a module. As mentioned on the rapid

null 27 Dec 31, 2022
Get related domains / subdomains by looking at Google Analytics IDs
Get related domains / subdomains by looking at Google Analytics IDs

DomainRelationShips ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ██║██╔══██╗ ██║ ██║█████

Josué Encinar 161 Jan 2, 2023
A Tool to find subdomains from hackerone reports.
A Tool to find subdomains from hackerone reports.

Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o

Stinger 15 Jul 24, 2022
A small Python Script To get all levels of subdomains from a list

getlevels A small Python Script To get all levels of subdomains Easily get 1st level, 2nd level, 3rd level, 4th level .... nth level subdomains Usag

null 9 Feb 15, 2022
A Tool for subdomain scan with other tools

ReconTracer A Tool for subdomain scan with other tools ReconTracer Find subdomains by using another amazing sources!. Obs: In a close future recontrac

null 15 Dec 18, 2021
SubFind - Subdomain Finder Tools
SubFind - Subdomain Finder Tools

SubFind (Subdomain Finder Tools) Info Tools Result Of Subdomain Command In Termi

LangMurpY 2 Jan 25, 2022
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

Eslam Akl 45 Dec 28, 2022
Local File Inclusion Scanner and Exploiter
Local File Inclusion Scanner and Exploiter

LFI-Paradise Local File Inclusion Scanner and Exploiter Features 1- Scanner 2- E

null 11 Sep 4, 2022
Releases(1.0)
Owner
whoami security
All around cybersecurity
whoami security
GitHub Repository
Infection Monkey - An automated pentest tool

Infection Monkey Data center Security Testing Tool Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a

Guardicore Ltd. 6k Jan 09, 2023
the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr

Taroballz 25 Nov 15, 2022
Python decompiler for Python 1.5-2.4 (for historical archive)

This preserves the early code of a Python decompiler for Python versions 1.5 to 2.4. I have been able to install this using pyenv using Python 2.3.7 u

R. Bernstein 2 Jan 04, 2022
A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye

MotionEye/MotionEyeOS Authenticated RCE A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye. You need administrator crede

Matt 1 Apr 18, 2022
Scanning for CVE-2021-44228

Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex

Brett England 4 Jan 09, 2022
CVE-2021-21985 VMware vCenter Server远程代码执行漏洞 EXP (更新可回显EXP)

CVE-2021-21985 CVE-2021-21985 EXP 本文以及工具仅限技术分享,严禁用于非法用途,否则产生的一切后果自行承担。 0x01 利用Tomcat RMI RCE 1. VPS启动JNDI监听 1099 端口 rmi需要bypass高版本jdk java -jar JNDIIn

r0cky 355 Aug 03, 2022
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

1frame 266 Jan 02, 2023
Crypto Meta Extractor

Crypto Meta Extractor This repository contains the code which extracts some metadata of all the cryptocurrencies listed (9K) on CoinMarketCap. Coding

Samyak Jain 3 Jul 03, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability

Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •

ProjectDiscovery 2.1k Jan 08, 2023
DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

1 Oct 12, 2021
SPV SecurePasswordVerification

SPV SecurePasswordVerification Its is python module for doing a secure password verification without sharing the password directly. Features The passw

Merwin 1 Feb 12, 2022
Automated tool to exploit basic buffer overflow remotely and locally & x32 and x64

Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)

5 Oct 09, 2022
Python tool for dumping flash via uboot reliably

Reliable Uboot Flash Dumper is a Python tool for dumping flash via uboot reliably. If you've ever had to dump flash via uboot and a serial connection and became frustrated about doing it several time

SecurityJon 25 May 10, 2022
A tool to brute force a gmail account. Use this tool to crack multiple accounts

A tool to brute force a gmail account. Use this tool to crack multiple accounts. This tool is developed to crack multiple accounts

Saad 12 Dec 30, 2022
Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes

log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari

Ryan 5 Sep 12, 2022
Denial Attacks by Various Methods

Denial Service Attack Denial Attacks by Various Methods IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::

Baris Dincer 9 Nov 26, 2022
SonicWALL SSL-VPN Web Server Vulnerable Exploit

SonicWALL SSL-VPN Web Server Vulnerable Exploit

44 Nov 15, 2022
Lazarus analysis tools and research report

Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python

JPCERT Coordination Center 50 Sep 13, 2022
A small utility to deal with malware embedded hashes.

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn

Abdallah Elshinbary 48 Dec 19, 2022
Android Malware Behavior Deleter

Android Malware Behavior Deleter UDcide UDcide is a tool that provides alternative way to deal with Android malware. We help you to detect and remove

27 Sep 23, 2022