Sublist3R - Fast Subdomains Enumeration Tool For Penetration Testers

Admin
Sublist3r is python tool that is designed to enumerate subdomains of websites using search engines. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r currently supports the following search engines: Google, Yahoo, Bing, Baidu, and Ask. More search engines may be added in the future. Sublist3r also gathers subdomains using Netcraft and DNSdumpster.

subbrute was integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce with an improved wordlist. The credit goes to TheRook who is the author of subbrute.
Installation 
git clone https://github.com/aboul3la/Sublist3r.git

Recommended Python Version: 
The recommended python version to use is 2.7.x on any platform. 
Other python versions maybe not supported at the moment. 

Dependencies: 

Requests library ( http://docs.python-requests.org/en/latest/ 
  • Install for Ubuntu/Debian:
sudo apt-get install python-requests
  • Install for Centos/Redhat:
sudo yum install python-requests
  • Install using pip:
sudo pip install requests

dnspython library ( http://www.dnspython.org/ 
  • Install for Ubuntu/Debian:
sudo apt-get install python-dnspython
  • Install using pip:
sudo pip install dnspython

argparse library 
  • Install for Ubuntu/Debian:
sudo apt-get install python-argparse
  • Install for Centos/Redhat:
sudo yum install python-argparse
  • Install using pip:
sudo pip install argparse

Usage 
Short FormLong FormDescription
-d--domainDomain name to enumerate subdomains of
-b--bruteforceEnable the subbrute bruteforce module
-v--verboseEnable Verbosity and display results in realtime
-t--threadsNumber of threads to use for subbrute bruteforce
-o--outputSave the results to text file
-h--helpshow the help message and exit

Examples 
  • To list all the basic options and switches use -h switch:
python sublist3r.py -h 
  • To enumerate subdomains of specific domain:
python sublist3r.py -d example.com 
  • To enumerate subdomains of specific domain and show results in realtime:
python sublist3r.py -v -d example.com 
  • To enumerate subdomains and use the subbrute bruteforce module:
python sublist3r.py -b -d example.com