A powerful subdomain enumeration tool: subdomains.sh

First, download the code from GitHub. subdomains.sh is an automated collection of tools for enumerating subdomains:

# git clone https://github.com/enenumxela/subdomains.sh.git

  Then enter the directory and run ./install.sh, which downloads the required dependencies and tools to the local machine:

# ./install.sh

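  Usage is fairly simple. Note that a list of DNS servers must be specified with -r:

# ./subdomains.sh -d XX.XX.com -r 8.8.8.8

  The -h option prints the full list of options:

# ./subdomains.sh -h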

           _         _                       _                 _
 ___ _   _| |__   __| | ___  _ __ ___   __ _(_)_ __  ___   ___| |__
/ __| | | | '_ \ / _` |/ _ \| '_ ` _ \ / _` | | '_ \/ __| / __| '_ \
\__ \ |_| | |_) | (_| | (_) | | | | | | (_| | | | | \__  _\__ \ | | |
|___/\__,_|_.__/ \__,_|\___/|_| |_| |_|\__,_|_|_| |_|___(_)___/_| |_| v1.0.0

USAGE:
  subdomains.sh [OPTIONS]

OPTIONS:
   -d, --domain                          domain to gather subdomains for *
       --use-passive-source              comma(,) separated tools to use
       --exclude-passive-source          comma(,) separated tools to exclude
       --skip-semi-active                skip semi active techniques
   -r, --resolvers                       list of DNS resolvers *
       --skip-dictionary                 skip dictionary brute forcing
  -dW, --dictionary-wordlist             wordlist for dictionary brute forcing
       --skip-permutation                skip permutation brute forcing
  -pW, --permutation-wordlist            wordlist for permutation brute forcing
       --skip-dns-records                skip discovery from DNS records
       --skip-reverse-dns                skip discovery from reverse DNS lookup
       --skip-active                     skip active techniques
   -o, --output                          output text file
       --setup                           install/update this script & dependencies
   -h, --help                            display this help message and exit

NOTE: options marked with asterik(*) are required.

HAPPY HACKING :)

 

posted @ 2022-04-03 18:14  Jason_huawen