SubBrute – Subdomain Brute-forcing Tool


SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain brute-forcing tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute does not send traffic directly to the target’s name servers.

SubBrute - Subdomain Brute-forcing Tool


There are various other options with similar capabilities, such as:

InstaRecon – Automated Subdomain Discovery Tool
dnsmap 0.22 Released – Subdomain Bruteforcing Tool
DNSenum – Domain Information Gathering Tool
Complemento v0.6 – ReverseRaider Subdomain Scanner
DNSRecon – DNS Enumeration Script
Recon-ng – Web Reconnaissance Framework

Features

  • Fast, multi-threaded and comes with more than 2000 high quality nameservers in resolver.txt
  • Nameservers are verified when they are needed. A seperate thread is responsible creating a feed of nameservers, and corresponding wildcard blacklist.
  • SubBrute is now a DNS spider that recursively crawls enumerated DNS records. This feature boosted *.google.com from 123 to 162 subdomains.
  • –type enumerate an arbitrary record type (AAAA, CNAME, SOA, TXT, MX…)
  • -s can now read subdomains from result files.
  • The subdomains enumerated from previous scans can now be used as input to enumerate other DNS records.

Usage

You can download SubBrute here:

subbrute-source-77.zip
windows-subbrute.zip

Or read more here.

Posted in: Hacking Tools, Networking Hacking Tools

, , , ,


Latest Posts:


Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.


2 Responses to SubBrute – Subdomain Brute-forcing Tool

  1. VaxMAN May 21, 2016 at 6:11 pm #

    The link of the tool in GitHub is incorrectly wrote. The final . (dot) is not needed and the URL don’t work well…

    And many thanks for the article/tool!!!

    • Darknet May 29, 2016 at 6:27 pm #

      Fixed that, thanks!