2018-07-15 11:23:35 +01:00
|
|
|
# subfinder
|
|
|
|
|
|
|
|
> A subdomain discovery tool that discovers valid subdomains for websites.
|
|
|
|
> Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
|
2019-06-03 01:06:36 +01:00
|
|
|
> More information: <https://github.com/subfinder/subfinder>.
|
2018-07-15 11:23:35 +01:00
|
|
|
|
|
|
|
- Find subdomains for a specific domain:
|
|
|
|
|
|
|
|
`subfinder -d {{example.com}}`
|
|
|
|
|
|
|
|
- Show only the subdomains found:
|
|
|
|
|
|
|
|
`subfinder --silent -d {{example.com}}`
|
|
|
|
|
2021-05-20 21:13:41 +01:00
|
|
|
- Use a brute-force attack to find subdomains:
|
2018-07-15 11:23:35 +01:00
|
|
|
|
|
|
|
`subfinder -d {{example.com}} -b`
|
|
|
|
|
|
|
|
- Remove wildcard subdomains:
|
|
|
|
|
|
|
|
`subfinder -nW -d {{example.com}}`
|
|
|
|
|
|
|
|
- Use a given comma-separated list of resolvers:
|
|
|
|
|
|
|
|
`subfinder -r {{8.8.8.8}},{{1.1.1.1}} -d {{example.com}}`
|