Subdomains.Sh is a wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.
Run the installation script:
curl -s https://raw.githubusercontent.com/enenumxela/subdomains.sh/main/install.sh | bash –
Or run in an ephemeral Docker container:
Clone the repository and run
cd subdomains.sh
Build the container image
./docker-subdomains.sh build
After build, you can run the script with the same options listed above.
Each run will run in a new container, and the container is destroyed after run
./docker-sudomains.sh -d example.com -r 1.1.1.1
To destroy the container image if desired
./docker-subdomains.sh destroy
To display this script’s help message, use the -h
flag:
subdomains.sh -h
_ _ | | | | _ _ ()_ _ | |
/ | | | | ‘_ \ / |/ _ | '_
\ / ` | | ‘ \/ | / | ‘_ \ __ \ || | |) | (| | () | | | | | | (| | | | | _ _ \ | | | |/__,|./ __,|__/|| || ||_,||| ||()/| |_| v1.0.0
USAGE:
subdomains.sh [OPTIONS]
OPTIONS:
-d, –domain domain to discover subdomains for *
-r, –resolvers list of DNS resolvers containing file *
–use-passive-source comma(,) separated passive tools to use
–exclude-passive-source comma(,) separated passive tools to exclude
–skip-semi-active skip discovery from semi active techniques
–skip-dictionary skip discovery from dictionary DNS brute forcing
-dW, –dictionary-wordlist wordlist for dictionary DNS brute forcing
–skip-permutation skip discovery from permutation DNS brute forcing
-pW, –permutation-wordlist wordlist for permutation DNS brute forcing
–skip-dns-records skip discovery from DNS records
–skip-reverse-dns skip discovery from reverse DNS lookup
–skip-active skip discovery from active techniques
-o, –output output text file
–setup install/update this script & dependencies
-h, –help display this help message and exit
NOTE: options marked with asterik(*) are required.
HAPPY HACKING 🙂
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…