Sublist3r a python based enumeration tool that enumerates subdomains of the domain using Google, Yahoo, Bing, Baidu, and Ask. It also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.
Subbrute added with it to enhance the finding of all possible domains using brute force with an improved word list.In this Kali Linux tutorial, we show how to enumerate the subdomains with Sublist3r.
To clone the tool
Recommended Versions
Python 2 is 2.7.x
Python 3 is 3.4.x
Also Read Email Spoofing – Exploiting Open Relay configured Public Mailservers
To list all the possible options
python sublist3r.py -h
To enumerate subdomains of specific domain
python sublist3r.py -d google.com
To enumerate subdomains of specific domain and show only subdomains which have open ports 80 and 443
python sublist3r.py -v -d vulnweb.com -p 80,443
The pen-testing helps administrator to close unused ports, additional services, Hide or Customize banners, Troubleshooting services and to calibrate firewall rules.You should test in all ways to guarantee there is no security loophole.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
This article is only for an Educational purpose. Any actions and or activities related to the material contained on this Website is solely your responsibility.The misuse of the information on this website can result in criminal charges brought against the persons in question. The authors and www.gbhackers.com will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…