# Tools/Syntax

Subfinder

```
# Install
go get github.com/subfinder/subfinder

# Basic usage
subfinder -d example.com > example.com.subs

# Recursive
subfinder -d  example.com  -recursive -silent -t 200 -v -o  example.com.subs

# Use censys for even more results
subfinder -d example.com -b -w wordlist.txt -t 100 -sources censys -set-settings CensysPages=2 -v -o example.com.subs
```

Amass after subfinder

```
amass enum --passive -d example.com -o example.com.subs 
```

asset Finder after amass

```
# Install
go get -u github.com/tomnomnom/assetfinder

# Basic usage
assetfinder [--subs-only] <domain>
```

GetAllUrls gau

```
# Install 
GO111MODULE=on go get -u -v github.com/lc/gau

# Extract subdomains from output
gau -subs example.com | cut -d / -f 3 | sort -u
```