Git Product home page Git Product logo

subrake's Introduction

subrake
SUBRAKE

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

platform: linux Python: 3 PYPI: @subrake Release: v3.1 lisence

subrake

Key Features

  • OSINT + Subdomain Bruteforcing
  • Capable of handling outputs from multiple tools
  • Handling False Positives and Filters subdomains with same resolutions.
  • Checking for Server Banners and Ports
  • Incredibly Fast
  • Handling domains with larger scopes
  • Port Scanning

Documentation

Installation

Installing stable version directly from PYPI:

$ pip3 install subrake

Installing latest build:

$ git clone https://github.com/hash3liZer/Subrake.git
$ cd Subrake/
$ python3 setup.py install

Run after installation:

$ subrake --help

Usage

Subrake is highly flexible and is made to work under different situations. It can parse output files from multiple tools collectively. It does OSINT search alongside wordlist bruteforcing and before actual bruteforcing, it removes similar subdomains and false positives. It does also support a filter which when supplied allows you to seperate subdomains with same IP addresses in the final CSV result. Let's see some of the Subrake uses:

A simple run with OSINT results from search engines:

$ subrake -d google.com

Subrake with Multiple Threads:

$ subtake -d google.com -t 50

Subrake with OSINT results + SecLists subdomains list:

$ subrake -d google.com --wordlists SecLists/Discovery/DNS/namelist.txt

Subrake with OSINT results + Multiple SecLists subdomains list:
Note: Subdomains with similar names will automatically be filtered and counted as 1

$ subrake -d google.com --wordlists SecLists/Discovery/DNS/namelist.txt,SecLists/Discovery/DNS/dns-Jhaddix.txt

Subrake without OSINT + Output from multiple tools combined + IP Filtering:

$ domain="google.com"
$ subfinder -d $domain -nW -o $domain/1.txt && sublist3r -d $domain -o $domain/2.txt && cat $domain/* >> /tmp/output.txt
$ subrake -d $domain -w tmp/output.txt --filter --skip-search

Subrake without DNS + OSINT:

$ subrake -d google.com --skip-dns

Subrake with Port Scanning:
NOTE: The port 80,443 will be scanned by default for every host under HTTP/HTTPS banner. So, there's no need to specify them here

$ subrake -d google.com --ports 8080,8443,8000,23,445

Manual

   Args               Description                                    Default
   -h, --help           Show this manual                             NONE
   -d, --domain         Target domain. Possible
                        example: [example.com]                       NONE
   -w, --wordlists      Wordlists containing subdomains
                        to test. Multiple wordlists can
                        be specified.                                NONE
   -t, --threads        Number of threads to spawn                    25
   -o, --output         Store final subdomains in a specified file   NONE
   -c, --csv            Store output results in CSV format           NONE
   -p, --ports          Comma-seperated list of ports to scan.       NONE
   -s, --skip-search    Search for subdomains Online from various
                        sites.                                       FALSE
       --filter         Filter subdomains with same IP in CSV output FALSE
                        Helpful with larger scopes.
       --skip-dns       Skip initial DNS enumeration phase           FALSE
       --exclude-ips    Exclude specified IPs from the final results
                        Helpful in removing False Positives          NONE

Contribution

You can contribute to the project in many ways:

  • Report Bugs
  • Suggestions for making it better

Have any further Question? You can hit me up on Twitter and Email:
Twitter: @hash3liZer

subrake's People

Contributors

hash3lizer avatar pyup-bot avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.