Footprinting with Sublist3r

Sublist3r is a Python subdomain discovery tool that has been designed to enumerate subdomains of websites using data from publicly available sources and brute force techniques. The public sources consist of a wide range of popular search engines such as Google, Yahoo, Bing, Baidu, Ask and also Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS to discover subdomains.

You can also brute force subdomains using an integrated tool named Subbrute. Subbrute is a DNS meta-query spider that enumerates DNS records and subdomains by using an extensive wordlist. This tool uses open resolvers to avoid rate limiting issues that prevent Subbrute from completing the list or attempting all entries.

Sublist3r installation

Sublist3r is not pre-installed in Kali Linux, so you will have to install it from the official repository.

If you are installing Sublist3r on Ubuntu 19.10, you will need to prepare your system:

  • Update your system and install required software:

$ sudo apt-get update && sudo apt-get upgrade

$ sudo apt-get install git

$ sudo apt-get install python-pip python-dev build-essential

$ sudo pip install --upgrade setuptools pip wheel

$ sudo pip install --upgrade virtualenv

  • Next, clone Sublist3r Github. In this tutorial we clone to the /opt directory but feel free to use whatever directory structure works for you.

git clone https://github.com/aboul3la/Sublist3r.git


Cloning Sublist3r repository

  • Next, change directory into the newly created Sublist3r and use the requirements file to finish installing the dependencies for Sublist3r.

cd Sublist3r

pip install –r requirements.txt

Installing Sublist3r

  • At this point the installation is complete and the application can be started from the current Sublist3r directory.

./sublist3r.py

Running Sublist3r

NOTE: If you are using Kali Linux you can start the application manually by typing Sublist3r in your terminal or you can add it to the Applications menu.

Adding Sublist3r to Kali's menu

Using Sublist3r

Like Osmedeus, Sublist3r does not require you to configure any API keys. Therefore, this application is fairly simple to use.

Sublist3r options

So far, we’ve only searched publicly available sources for sub domains for the given domain name. In the next step we will also activate Subbrute which uses a wordlist to brute force subdomains. The results will be saved in a text file under the proper directory.

  • The following command activates Subbrute with 100 threads:

./sublist3r.py -d sans.org -v -b -t 100 -o /root/Documents/SANS/sublister.txt

image

Conclusions:

Even though not being updated recently, Sublister is still a reliable tool to find subdomains.


Next post: Advanced Reconnaissance: Compiling gathered information
Posted by
Labels: , ,

3 comments:

sak said...

This is a wonderful article, Given so much info in it, These type of articles keeps the users interest in the website, and keep on sharing more ... good luck.
Ethical hacking Online Training

May 27, 2020 at 6:02 AM
Shayzee said...

Hello Everyone !

USA SSN Leads/Fullz available, along with Driving License/ID Number with good connectivity.

All SSN's are Tested & Verified.

**DETAILS IN LEADS/FULLZ**

->FULL NAME
->SSN
->DATE OF BIRTH
->DRIVING LICENSE NUMBER
->ADDRESS WITH ZIP
->PHONE NUMBER, EMAIL
->EMPLOYEE DETAILS

*Price for SSN lead $2
*You can ask for sample before any deal
*If you buy in bulk, will give you discount
*Sampling is just for serious buyers

->Hope for the long term business
->You can buy for your specific states too

**Contact 24/7**

Whatsapp > +923172721122

Email > leads.sellers1212@gmail.com

Telegram > @leadsupplier

ICQ > 752822040

August 24, 2020 at 6:48 PM
Mrs. Carolin Glowski said...

TESTIMONY ON HOW I GOT MY LOAN AMOUNT FROM A RELIABLE AND TRUSTED LOAN COMPANY LAST WEEK. Email for immediate response drbenjaminfinance@gmail.com

Hello everyone, My name is Mrs. Carolin Glowski, I'm from Europe, am here to testify of how i got my loan from BENJAMIN LOAN FINANCE after i applied Two times from various loan lenders who claimed to be lenders right here this forum, i thought their lending where real and i applied but they never gave me loan until a friend of mine introduce me to {Dr. Benjamin Scarlet Owen} the C.E.O of BENJAMIN LOAN FINANCE who promised to help me with a loan of my desire and he really did as he promised without any form of delay, I never thought there are still reliable loan lenders until i met {Dr. Benjamin Scarlet Owen} who really helped me with my loan and changed my life for the better. I don't know if you are in need of an urgent loan also, So feel free to contact Dr. Benjamin Scarlet Owen on his email address drbenjaminfinance@gmail.com


THANKS

January 1, 2022 at 3:18 AM

Post a Comment

Subscribe to: Post Comments (Atom)