SubBrute – Subdomain Brute-forcing Tool


SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain brute-forcing tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute does not send traffic directly to the target’s name servers.

SubBrute - Subdomain Brute-forcing Tool


There are various other options with similar capabilities, such as:

InstaRecon – Automated Subdomain Discovery Tool
dnsmap 0.22 Released – Subdomain Bruteforcing Tool
DNSenum – Domain Information Gathering Tool
Complemento v0.6 – ReverseRaider Subdomain Scanner
DNSRecon – DNS Enumeration Script
Recon-ng – Web Reconnaissance Framework

Features

  • Fast, multi-threaded and comes with more than 2000 high quality nameservers in resolver.txt
  • Nameservers are verified when they are needed. A seperate thread is responsible creating a feed of nameservers, and corresponding wildcard blacklist.
  • SubBrute is now a DNS spider that recursively crawls enumerated DNS records. This feature boosted *.google.com from 123 to 162 subdomains.
  • –type enumerate an arbitrary record type (AAAA, CNAME, SOA, TXT, MX…)
  • -s can now read subdomains from result files.
  • The subdomains enumerated from previous scans can now be used as input to enumerate other DNS records.

Usage

You can download SubBrute here:

subbrute-source-77.zip
windows-subbrute.zip

Or read more here.

Posted in: Hacking Tools, Networking Hacking Tools

, , , ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


2 Responses to SubBrute – Subdomain Brute-forcing Tool

  1. VaxMAN May 21, 2016 at 6:11 pm #

    The link of the tool in GitHub is incorrectly wrote. The final . (dot) is not needed and the URL don’t work well…

    And many thanks for the article/tool!!!

    • Darknet May 29, 2016 at 6:27 pm #

      Fixed that, thanks!