Today I will be sharing list of Some good Sub-domain Scanners.
Before that we need to see what is Subdomain?
Sub-domain:
Sub-domains are a smaller part of a larger domain. The Domain Name System (DNS) is all about hierarchy. Everything starts with a Top Level Domain (TLD) like .com, .org, .net, or, in our case, .me. After that, we have the next step in domain names, like google.com, facebook.com, or for us, domain.me. After that, we start with sub-domains, like calendar.google.com, plus.google.com, or blog.yourwebsite.me. So now you know…
People occasionally refer to sub-domains as third-level domains. The logic behind this is that .me is first-level domain, yourwebsite.me is second level-domain and blog.yourwebsite.me becomes third-level domain.
List of Scanners:
1)Sublist3r
Sublist3r is python tool that is designed to enumerate subdomains of websites using search engines. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r currently supports the following search engines: Google, Yahoo, Bing, Baidu, and Ask.Sublist3r also gathers subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and PassiveDNS.
Download
2)SubBrute
SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting (https://www.us-cert.gov/ncas/alerts/TA13-088A). This design also provides a layer of anonymity, as SubBrute does not send traffic directly to the target's name servers.
Download
3)Knock Subdomain Scanner
Knock is designed and managed by Gianni 'guelfoweb' Amato.Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist.
Download
4)Pentest-Tools.com
pentest-tools.com provides service for web application pentesting.One of their free service is of Subdomain Scanning.It is a good tool of you want to scan online but there are some cons of it.
- Limited Services(40 Credit per 24 hr)
- SomeTimes misses some subdomains
You can use it at https://pentest-tools.com/information-gathering/find-subdomains-of-domain
Extra Tools:
When you enumerate Subdomains sometime for big sites you get hundred of subdomains and it is a tedous task to go through one by one to check which one is valid
There is a service httpstatus.io via which You put list of domains and provide you responses of each subdomain.
I really like reading through a post that can make people think. Also, many thanks for permitting me to comment!
ReplyDeleteDomain Scanner