Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

Go to file

Nizamul Rana fd225d54f3 Updated README		2018-04-22 21:37:40 +05:30
libsubfinder	Added Threatminer Data Source	2018-04-22 21:36:07 +05:30
.gitignore	Fixed gitignore to ignore executable	2018-04-03 14:58:20 +05:30
DOCS.md	Added DOCS.md and some extra changes	2018-04-14 12:47:42 +05:30
Dockerfile	Create Dockerfile	2018-04-17 07:20:04 +01:00
ISSUE_TEMPLATE.md	Create ISSUE_TEMPLATE.md	2018-04-09 14:35:33 +10:00
LICENSE	Initial commit	2018-03-31 15:14:58 +05:30
README.md	Updated README	2018-04-22 21:37:40 +05:30
config.json	Added config.json	2018-04-19 16:21:38 +05:30
main.go	Added JSON output feature	2018-04-22 21:29:16 +05:30
process.go	Updated process.go	2018-04-04 17:03:02 +05:30

README.md

SubFinder

SubFinder is a subdomain discovery tool that uses various techniques to discover massive amounts of subdomains for any target. It has been aimed as a successor to the sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by altdns to generate permutations and resolve them quickly using a powerful bruteforcing engine. It can also perform plain bruteforce if needed. The tool is highly customizable, and the code is built with a modular approach in mind making it easy to add functionalities and remove errors.

Why?

This project began it's life as a Bug Bounty World slack channel discussion. We (@ice3man & @codingo) were talking about how the cornerstone subdomain tool at the time, sublist3r, appeared to have been abandoned. The goal of this project was to make a low dependancy, manageable project in Go that would continue to be maintained over time. I (@Ice3man) decided to rewrite the sublist3r project and posted about it. @codingo offered to contribute to the project and subfinder was born.

So finally after working hard, here is something that I hope you guys will ❤️.

Features

Simple and modular code base making it easy to contribute.
Fast And Powerful Bruteforcing Module (In Development)
Powerful Permutation generation engine. (In Development)
Many Passive Data Sources (CertDB, CertSpotter, crtsh, DNSDumpster, FindSubdomains, Hackertarget, Netcraft, PassiveTotal, PTRArchive, SecurityTrails, Threatcrowd, VirusTotal, Waybackarchive, Threatminer)

Install

The installation is easy. Git clone the repo and run go build.

go get github.com/ice3man543/subfinder

To configure it to work with certain services, you need to have an API key for them. These are the services that do not work without an API key.

Put these values in the $HOME/.config/subfinder/config.json file which will be created when you run the tool for the first time and you should be good to go.

The tools creates a configuration directory in $HOME/.config/subfinder/. Please edit the config.json file created there after running the tool once without any options.

Docker

Git clone the repo, then build and run subfinder in a container with the following commands

Clone the repo using git clone https://github.com/ice3man543/subfinder.git
Edit your Dockerfile to include your API keys
Build your docker container

docker build -t subfinder .

After building the container, run the following.

docker run --rm -it subfinder

The above command is the same as running -h

For example, this runs the tool against uber.com and output the results to your host file system:

docker run --rm -it subfinder -d uber.com > uber.com.txt

Note: -o uber.com.txt would output into the docker container, which is deleted once the process finishes, because of the --rm segment of the docker command)

NOTE

This tool is currently in active development. So some features may not work or maybe broken. Please do a PR or create an Issue for any features, suggestions or ideas. Would love to hear from you guys.

Acknowledgements

@FranticFerret for his work on adding docker support.

License

MIT License