Skip to content

0x4f53/subblaster

Repository files navigation

Golang License Latest Version

subblaster logo

subblaster

Super-fast multi-source subdomain bruteforcer in Go.

dnscovery preview

Note: This is not a public subdomain enumerator and is not an efficient way to get pre-captured subdomains. If you need fast enumeration, please use pre-existing tools like amass, sublister etc.

What is this then?

There are several domains whose subdomains are present in DNS records but aren't caught by popular enumeration services. These don't appear online due to them not being scraped by crawlers that these providers / security companies deploy. This tool is an attempt to maximize the speed of discovering them while minimizing the time taken.

Features

  • Customizable multi-source wordlists (TheRook's subbrute, Daniel Miessler's seclists and more!)
  • Multithreaded bruteforcing using Golang
  • Multi-resolver subdomain resolution and port scanning in-built
  • Multiple inputs, multiple outputs

Usage

# to build the program
go build

./subblaster 0x4f.in

Examples:

Generate paired JSON outputs

This helps generate output in the form of {"subdomain": "www.example.com", "domain":"example.com"}, useful for dumping to a DocumentDB

        (https://github.com/0x4f53/subblaster)
        A fast subdomain bruteforcer in Golang.


[⟳] Generating batches for bruteforcing...


[✓] Batching complete! Generated 1192 batches

[+] Bruteforcing...

./subblaster -p 0x4f.in
...
# In 0x4f.in.json
{"subdomain":"blog.0x4f.in","domain":"0x4f.in"}
{"subdomain":"www.0x4f.in","domain":"0x4f.in"}

Refresh all seclists and delete cache

./subblaster -r

                S U B B L A S T E R  
        (https://github.com/0x4f53/subblaster)
        A fast subdomain bruteforcer in Golang.

[✓] Deleted all cache data
[↓] Downloading wordlists mentioned in lists.yaml
 - onelistforallshort.txt [2.82MB / 0b] ╢░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟  10.84kB/s
 - onelistforallshort.txt [12.19MB / 0b] ╢░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟  4.28kB/s
 - dns-Jhaddix.txt [10.40kB / 0b] ╢░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟  0b/s
 - alexaTop1mAXFRcommonSubdomains.txt [378.92kB / 0b] 
...

Credits

The animated logo is derived from work by Ryan Whiteside.

License

Multimedia licensed under License: CC BY-NC-SA 4.0

Copyright © 2024 Owais Shaikh

Donate

Click here to donate. It incentivizes me to develop more.