Tools/Syntax

todo

Subfinder

# Install
go get github.com/subfinder/subfinder

# Basic usage
subfinder -d example.com > example.com.subs

# Recursive
subfinder -d  example.com  -recursive -silent -t 200 -v -o  example.com.subs

# Use censys for even more results
subfinder -d example.com -b -w wordlist.txt -t 100 -sources censys -set-settings CensysPages=2 -v -o example.com.subs

Amass after subfinder

amass enum --passive -d example.com -o example.com.subs

asset Finder after amass

# Install
go get -u github.com/tomnomnom/assetfinder

# Basic usage
assetfinder [--subs-only] <domain>

GetAllUrls gau

# Install 
GO111MODULE=on go get -u -v github.com/lc/gau

# Extract subdomains from output
gau -subs example.com | cut -d / -f 3 | sort -u

PreviousSubDomain lookup NextO365 RealmInfo

Last updated 4 years ago

Was this helpful?