Turbolist3r – An Automated Subdomain Scanning Tool

Turbolist3r is a subdomain enumeration tool which can identify subdomain takeovers. It is heavily based on sublist3r: https://latesthackingnews.com/2016/01/27/sublist3r-free-tool-to-enumerate-subdomains-for-pentester/

Installation and usage

git clone https://github.com/fleetcaptain/Turbolist3r
cd Turbolist3r/
pip3 install -r requirements.txt

There are various options such as port scanning, brute force on subdomains, input and output files, dns resolvers:

The following command shows how a typical subdomain scan would look like:

python3 turbolist3r.py -d latesthackingnews.com -a


Final thoughts

Turbolist3r is a great tool for finding hidden subdomains, it can reveal interesting A and CNAME records.

Based on the simple but effective usage, and the fact that the bigger part of the tool relies on other tools, I will award this tool with 3/5 bunnies:

Want To Learn More About Ethical Hacking?

We have a networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE

Do you know of another GitHub related hacking tool?

Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.

Related posts

BruteDum- A network attack bruteforce tool

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

A Review of DNS Enumeration Tool: DNSEnum