Subdomains Enumeration for Penetration Testing with Kali Linux - Sublist3r

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.

Recommended Python Version:

Sublist3r currently supports Python 2 and Python 3.

• The recommended version for Python 2 is 2.7.x
• The recommened version for Python 3 is 3.4.x

The main function will return a set of unique subdomains found by Sublist3r

Function Usage:

• domain: The domain you want to enumerate subdomains of.
• savefile: save the output into text file.
• ports: specify a comma-sperated list of the tcp ports to scan.
• silent: set sublist3r to work in silent mode during the execution (helpful when you don not need a lot of noise).
• verbose: display the found subdomains in real time.
• enable_bruteforce: enable the bruteforce module.
• engines: (Optional) to choose specific engines.

Lets Start With Subdomains Enumeration for Penetration Testing

Step 1. You need to download Sublist3r tool by executing this command in terminal window of kali linux

git clone https://github.com/aboul3la/Sublist3r.git

Step 2. These dependencies can be installed using the requirements file

sudo pip install -r requirements.txt

Step 3. To list all the basic options and switches use -h switch:

python ./sublist3r.py -h

Step 4.To enumerate subdomains of specific domain:

python ./sublist3r.py -d techtrick.in

Thank you for reading this article. Do let me know for any queries in comment section below.