Description
Sublist3r is a Python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. It also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.
Installation
BASH
# Clone and install
git clone https://github.com/aboul3la/Sublist3r.git
cd Sublist3r
pip install -r requirements.txtBasic Usage
BASH
# Enumerate subdomains
python sublist3r.py -d target.com
# Save to file
python sublist3r.py -d target.com -o subs.txt
# Verbose output
python sublist3r.py -d target.com -vAdvanced Usage
BASH
# Use specific search engines
python sublist3r.py -d target.com -e google,yahoo,bing
# Set number of threads
python sublist3r.py -d target.com -t 50
# Enable brute force with Subbrute
python sublist3r.py -d target.com -b
# Show only domains with specific ports open
python sublist3r.py -d target.com -p 80,443,8080Common Workflows
BASH
# Quick subdomain discovery
python sublist3r.py -d target.com -o subs.txt && cat subs.txt | httpx -silent
# Combine with other tools for comprehensive coverage
python sublist3r.py -d target.com -o sublist3r-subs.txt
subfinder -d target.com -o subfinder-subs.txt
cat sublist3r-subs.txt subfinder-subs.txt | sort -u > all-subs.txt