Sublister - Subdomains Enumerator

Sublist3r is a Python-based tool that is used to enumerate the subdomains of a website. It helps penetration testers and bug hunters to find various subdomains for which they can find vulnerabilities. Sublist3r searches various subdomains using Google, Yahoo, Bing, Baidu, and Ask. It also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS. 


The Repository is available on GitHub - https://github.com/aboul3la/Sublist3r


  •  Clone the repository in Linux using the git command. 
Cloning the repository
  • Re-direct into the folder which was just created. It will have files as shown below.
Files in Sublist3r
  • Before running the tool we need to install all the python modules required by the tool. To do that, run command - pip install -r requirements.txt
Install packages
  • Once the installation is finished. You can run the tool using python. Command - python3 sublist3r.py
Run Sublist3r
It shows you need to run the command with the -d option and a domain name or else use the help command.
  • For example, if you want to look for a subdomain for google.com. The command is - python3 sublist3r.py -d google.com
Finding Subdomains for google.com
The tool is able to find various subdomains of google.com, using this, pen-testers and bug hunters can find vulnerabilities under a subdomain.
  • Also, some other flags like -d are worth mentioning from the help command. To see other flags type - python3 sublist3r.py -h.
Help option
  • -t: command can be used to start a number of threads to make the process faster, python3 sublist3r.py -d google.com -t 50 ( means send 50 requests at a time)
  • -o: command can be used to save the output given by Sublist3r in a text file, python3 sublist3r.py -d google.com -o output.txt, here output.txt is a file where the output will save.

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment