Sublist3r – Free tool to enumerate Subdomains for pentester

  • 569
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    569
    Shares

Sublist3r is python tool that is designed to enumerate subdomains of websites using search engines. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.

Sublist3r supports following search engine:

  • Google
  • Yahoo
  • Bing
  • Baidu
  • Ask

In future more search engines may be added. Sublist3r can gather subdomains using Netcraft and DNSdumpster.

Installing Sublist3r:

git clone https://github.com/aboul3la/Sublist3r.git

Recommended Python Version:

Python Version 2.7.x on any platform. Any other python versions maybe not supported at present.

Dependencies:


 

Requests library (http://docs.python-requests.org/en/latest/)

Install for Ubuntu/Debian:
sudo apt-get install python-requests

Install for Centos/Redhat:
sudo yum install python-requests

Install using pip:
sudo pip install requests


dnspython library (http://www.dnspython.org/)

Install for Ubuntu/Debian:
sudo apt-get install python-dnspython

Install using pip:
sudo pip install dnspython


 

argparse library

Install for Ubuntu/Debian:
sudo apt-get install python-argparse

Install for Centos/Redhat:
sudo yum install python-argparse

Install using pip:
sudo pip install argparse


 

How to use Sublist3r:

List of examples:

  • To list all the basic options and switches use -h switch:
    python sublist3r.py -h
  • To enumerate subdomains of specific domain:
    python sublist3r.py -d example.com
  • To enumerate subdomains of specific domain and show results in realtime:
    python sublist3r.py -v -d example.com
  • To enumerate subdomains and use the subbrute bruteforce module:
    python sublist3r.py -b -d example.com

Free Download: Sublist3r (from GitHub)

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply