Header Ads Widget

Responsive Advertisement

SubScraper - A Pentest Tool to Find Information of Subdomain

Adventure Patel October 20, 2018


SubScraper - A Pentest Tool to Find Information of Subdomain


External pentest tool that performs subdomain enumeration through various techniques. 



In addition, SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps.

SubScraper uses DNS brute force, Google & Bing scraping, and Virus Total to enumerate

subdomains without an API. Written in Python3, SubScraper performs HTTP(S) requests and DNS "A" record lookups during the enumeration process to validate discovered subdomains. This provides further information to help prioritize targets and aid in potential next steps. Post-Enumeration, "CNAME" lookups are displayed to identify subdomain takeover opportunities.


Install

pip3 install -r requirements.txt

Usage

python3 subscraper.py example.com
python3 subscraper.py -t 5 -o csv example.com


Options

 -s                                Only use internet to find subdomains
 -b                                Only use DNS brute forcing to find subdomains
 -o OUTFILE                Define output file type: csv/txt (Default: None)
 -t MAX_THREADS    Max threads (Default: 10)
 -w SUBLIST              Custom subdomain wordlist




Download SUBSCRAPER






Tags:
Adventure Patel

Posted by: Adventure Patel

Hello! I’m Narayan Patel. Software Developer with over 1 years of experience specializing in Android UI Development, SEO & Web Design. Experienced with all stages of the development cycle for dynamic web projects. Having an in-depth knowledge including HTML-CSS, XML, On/Off Page, Adobe XD. Strong background in management and leadership.

Post a Comment

0 Comments