Subdominator

<h1 align="center">
<img src="img/subdominator.png" alt="Subdominator" width="450px">
<br>
</h1>

Subdominator - Unleash the Power of Subdomain Enumeration

Subdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.

  [](https://github.com/RevoltSecurities/Subdominator/blob/main/LICENSE) [](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/)

Features:

<h1 align="center">
<img src="https://github.com/RevoltSecurities/Subdominator/assets/119435129/2a700962-6868-4a91-a8e8-2210189a4a23" width="700px">
<br>
</h1>

- fast and powerfull to enumerate subdomains.
- 50+ passive results to enumerate subdomains.
- configurable API keys setup
- Integrated notification system

Info:
We request existing user to update their config yaml file with new resources by opening the config file in : bash $HOME/.config/Subdominator/provider-config.yaml and add the below resources:

yaml
builwith:
- your-api-key1
- your-api-key2

passivetotal:
- user-mail1:api-key1
- user-mail2:api-key2

trickest:
- your-api-key1
- your-api-key2

by these your config yaml file will get updated or else check your yaml file that matches the below mentioned resources with *, The new users will required to update in next version if any new resources added
in Subdominator.

Usage:
code
subdominator -h

yaml
| | _) |
__| | | __ \ _` | _ \ __ `__ \ | __ \ _` | __| _ \ __|
\__ \ | | | | ( | ( | | | | | | | ( | | ( | |
____/ \__,_| _.__/ \__,_| \___/ _| _| _| _| _| _| \__,_| \__| \___/ _|


RevoltSecurities



[DESCRIPTION]: Subdominator a passive subdomain enumeration that discovers subdomains for your targets using with passive and open source resources

[USAGE]:

subdominator [flags]

[FLAGS]:

[INPUT]:

-d, --domain : domain name to enumerate subdomains.
-dL, --domain-list : filename that contains domains for subdomain enumeration.
stdin/stdout : subdominator now supports stdin/stdout

[OUTPUT]:

-o, --output : filename to save the outputs.
-oD, --output-directory : directory name to save the outputs (use it when -dL is flag used).
-oJ, --output-json : filename to save output in json fromat

[OPTIMIZATION]:

-t, --timeout : timeout value for every sources requests.

[UPDATE]:

-up, --update : update subdominator for latest version but yaml source update required manual to not affect your api keys configurations.
-duc, --disable-update-check : disable automatic update check for subdominator
-sup, --show-updates : shows latest version updates of subdominator

[CONFIG]:

-nt, --notify : send notification of found subdomain using source Slack, Pushbullet, Telegram, Discord
-p, --proxy : http proxy to use with subdominator (intended for debugging the performance of subdominator).
-cp, --config-path : custom path of config file for subdominator to read api keys ( default path: /home/sanjai/.config/Subdominator/provider-config.yaml)
-fw, --filter-wildcards : filter the found subdomains with wildcards and give cleaned output

[DEBUG]:

-h, --help : displays this help message and exits
-s, --silent : show only subdomain in output (this is not included for -ski,-sti)
-v, --version : show current version of subdominator and latest version if available and exits
-ski, --show-key-info : show keys error for out of credits and key not provided for particular sources
-ste, --show-timeout-info : show timeout error for sources that are timeout to connect
-nc, --no-color : disable the colorised output of subdominator
-ls, --list-source : display the sources of subdominator uses for subdomain enumerations and exits (included for upcoming updates on sources).



Subdominator Integrations:

Subdominator integrates with various free and Paid API passive sources to gather valuable subdomain information. We would like to give credit to the following websites for providing free-to-obtain API keys for subdomain enumeration.
Claim your free API and Paid keys here:

**Subdomains Resources**:
- **VirusTotal***: [VirusTotal](https://www.virustotal.com)
- **Chaos***: [Chaos](https://chaos.projectdiscovery.io)
- **Dnsdumpter***: [Dnsdumpster](https://dnsdumpster.com)
- **Whoisxml***: [WhoisXML](https://whois.whoisxmlapi.com)
- **SecurityTrails***: [SecurityTrails](https://securitytrails.com)
- **Bevigil***: [Bevigil](https://bevigil.com/)
- **Binaryedge***: [BinaryEdge](https://binaryedge.io)
- **Fullhunt***: [Fullhunt](https://fullhunt.io)
- **Rapidapi***: [RapidAPI](https://rapidapi.com) (requires: Rapid api key)
- **Bufferover***: [Bufferover](https://tls.bufferover.run/)
- **Certspotter***: [Certspotter](https://sslmate.com/certspotter)
- **Censys***: [Censys](https://search.censys.io/)
- **Fullhunt***: [Fullhunt](https://fullhunt.io/)
- **Zoomeye***: [Zoomeye](https://www.zoomeye.org/)
- **Netlas***: [Netlas](https://netlas.io/)
- **Leakix***: [Leakix](https://leakix.net/)
- **Redhunt***: [Redhunt](https://https://devportal.redhuntlabs.com/)
- **Shodan*** : [Shodan](https://shodan.io)
- **Huntermap*** : [Hunter](https://hunter.how/)
- **Google***: [Google](https://developers.facebook.com/)
- **Facebook***: [Facebook](https://programmablesearchengine.google.com/controlpanel/create)
- **Quake***: [Quake](https://quake.360.cn/)
- **RapidFinder***: [RapidFinder](https://rapidapi.com/Glavier/api/subdomain-finder3/pricing) (requires: Rapid api key)
- **RapidScan***: [RapidScan](https://rapidapi.com/sedrakpc/api/subdomain-scan1/pricing) (requires: Rapid api key)
- **Fofa***: [Fofa](https://en.fofa.info/)
- **CodeRog***: [CodeRog](https://rapidapi.com/coderog-coderog-default/api/subdomain-finder5/pricing) (requires: Rapid api key)
- **C99***: [C99](https://subdomainfinder.c99.nl/)
- **RSECloud***: [RSECloud](https://rsecloud.com/search)
- **Intelx***: [Intelx](intelx.io)
- **Builtwith***:[Builtwith](https://api.builtwith.com/domain-api)
- **Passivetotal***:[PassiveTotal](https://api.riskiq.net/api/pdns_pt/#/)
- **Trickest***:[Trickest](https://trickest.io/)

**Notification Resources**:
- **Slack**: [Slack](https://slack.com)
- **Pushbullet**: [Pushbullet](pushbullet.com/)


Installation:

**Subdominator requires python latest version to be installed and with latest version `pip` commandline tool
code
pip install git+https://github.com/RevoltSecurities/Subdominator

and if any error occured with `httpx` package please use this command to install the tool:
bash
pip install git+https://github.com/RevoltSecurities/Subdominator --no-deps==0.25.2

you can also install the tool using **pipx** and install the latest version by using this command:
bash
pipx install git+https://github.com/RevoltSecurities/Subdominator

<h1 align="center">
<img src="https://github.com/RevoltSecurities/Subdominator/blob/main/img/subdominator.png" alt="Subdominator" width="450px">
<br>
</h1>

Subdominator - Unleash the Power of Subdomain Enumeration

Subdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.

  [](https://github.com/RevoltSecurities/Subdominator/blob/main/LICENSE) [](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/)

Features:

<h1 align="center">
<img src="https://github.com/RevoltSecurities/Subdominator/assets/119435129/2a700962-6868-4a91-a8e8-2210189a4a23" width="700px">
<br>
</h1>

- fast and powerfull to enumerate subdomains.
- 45+ passive results to enumerate subdomains.
- configurable API keys setup
- Integrated notification system

Usage:
code
subdominator -h

yaml
__ __ _ __
_____ __ __ / /_ ____/ / ____ ____ ___ (_) ____ ____ _ / /_ ____ _____
/ ___/ / / / / / __ \ / __ / / __ \ / __ `__ \ / / / __ \ / __ `/ / __/ / __ \ / ___/
(__ ) / /_/ / / /_/ // /_/ / / /_/ / / / / / / / / / / / / // /_/ / / /_ / /_/ / / /
/____/ \__,_/ /_.___/ \__,_/ \____/ /_/ /_/ /_/ /_/ /_/ /_/ \__,_/ \__/ \____/ /_/


RevoltSecurities



[DESCRIPTION]: Subdominator a passive subdomain enumeration that discovers subdomains for your targets using with passive and open source resources

[USAGE]:

subdominator [flags]

[FLAGS]:

[INPUT]:

-d, --domain : domain name to enumerate subdomains.
-dL, --domain-list : filename that contains domains for subdomain enumeration.
stdout : subdominator supports stdout to pipe its output

[OUTPUT]:

-o, --output : filename to save the outputs.
-oD, --output-directory : directory name to save the outputs (use it when -dL is flag used).

[OPTIMIZATION]:

-t, --timeout : timeout value for every sources requests.

[Update]:

-up, --update : update subdominator for latest version but yaml source update required manual to not affect your api keys configurations.
-duc, --disable-update-check : disable automatic update check for subdominator
-sup, --show-updates : shows latest version updates of subdominator

[CONFIG]:

-nt, --notify : send notification of found subdomain using source Slack, Pushbullet, Telegram, Discord
-p, --proxy : http proxy to use with subdominator (intended for debugging the performance of subdominator).
-cp, --config-path : custom path of config file for subdominator to read api keys ( default path: /home/sanjai/.config/Subdominator/provider-config.yaml)

[DEBUG]:

-h, --help : displays this help message and exits
-v, --version : show current version of subdominator and latest version if available and exits
-ske, --show-key-error : show keys error for out of credits and key not provided for particular sources
-sre, --show-timeout-error : show timeout error for sources that are timeout to connect
-nc, --no-color : disable the colorised output of subdominator
-ls, --list-source : display the sources of subdominator uses for subdomain enumerations and exits (included for upcoming updates on sources).



Subdominator Integrations:

Subdominator integrates with various free and Paid API passive sources to gather valuable subdomain information. We would like to give credit to the following websites for providing free-to-obtain API keys for subdomain enumeration.
Claim your free API and Paid keys here:

**Subdomains Resources**:
- **VirusTotal**: [VirusTotal](https://www.virustotal.com)
- **Chaos**: [Chaos](https://chaos.projectdiscovery.io)
- **Dnsdumpter**: [Dnsdumpster](https://dnsdumpster.com)
- **Whoisxml**: [WhoisXML](https://whois.whoisxmlapi.com)
- **SecurityTrails**: [SecurityTrails](https://securitytrails.com)
- **Bevigil**: [Bevigil](https://bevigil.com/)
- **Binaryedge**: [BinaryEdge](https://binaryedge.io)
- **Fullhunt**: [Fullhunt](https://fullhunt.io)
- **Rapidapi**: [RapidAPI](https://rapidapi.com)
- **Bufferover**: [Bufferover](https://tls.bufferover.run/)
- **Certspotter**: [Certspotter](https://sslmate.com/certspotter)
- **Censys**: [Censys](https://search.censys.io/)
- **Fullhunt**: [Fullhunt](https://fullhunt.io/)
- **Zoomeye**: [Zoomeye](https://www.zoomeye.org/)
- **Netlas**: [Netlas](https://netlas.io/)
- **Leakix**: [Leakix](https://leakix.net/)
- **Redhunt**: [Redhunt](https://https://devportal.redhuntlabs.com/)
- **Shodan** : [Shodan](https://shodan.io)
- **Huntermap** : [Hunter](https://hunter.how/)
- **Google**: [Google](https://developers.facebook.com/)
- **Facebook**: [Facebook](https://programmablesearchengine.google.com/controlpanel/create)
- **Quake**: [Quake](https://quake.360.cn/)
- **RapidFinder**: [RapidFinder](https://rapidapi.com/Glavier/api/subdomain-finder3/pricing)
- **RapidScan**: [RapidScan](https://rapidapi.com/sedrakpc/api/subdomain-scan1/pricing)
- **Fofa**: [Fofa](https://en.fofa.info/)
- **CodeRog**: [CodeRog](https://rapidapi.com/coderog-coderog-default/api/subdomain-finder5/pricing)
- **C99**: [C99](https://subdomainfinder.c99.nl/)
- **RSECloud**: [RSECloud](https://rsecloud.com/search)
- **Myssl**: [Myssl](https://myssl.com)
- **Racent**: [Racent](https://face.racent.com)

**Notification Resources**:
- **Slack**: [Slack](https://slack.com)
- **Pushbullet**: [Pushbullet](pushbullet.com/)


Installation:

**Subdominator requires python latest version to be installed and with latest version `pip` commandline tool
code
pip install git+https://github.com/RevoltSecurities/Subdominator

Subdominator - Unleash the Power of Subdomain Enumeration

Subdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.

  [](https://github.com/RevoltSecurities/Subdominator/blob/main/LICENSE) [](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/)

Features:

- fast and powerfull to enumerate subdomains.
- 35+ passive results to enumerate subdomains.
- configurable API keys setup
- Integrated notification system

Usage:
code
subdominator -h

yaml
__ __ _ __
_____ __ __ / /_ ____/ / ____ ____ ___ (_) ____ ____ _ / /_ ____ _____
/ ___/ / / / / / __ \ / __ / / __ \ / __ `__ \ / / / __ \ / __ `/ / __/ / __ \ / ___/
(__ ) / /_/ / / /_/ // /_/ / / /_/ / / / / / / / / / / / / // /_/ / / /_ / /_/ / / /
/____/ \__,_/ /_.___/ \__,_/ \____/ /_/ /_/ /_/ /_/ /_/ /_/ \__,_/ \__/ \____/ /_/


RevoltSecurities



[DESCRIPTION]: Subdominator a passive subdomain enumeration that discovers subdomains for your targets using with passive and open source resources

[USAGE]:

subdominator [flags]

[FLAGS]:

[INPUT]:

-d, --domain : domain name to enumerate subdomains.
-dL, --domain-list : filename that contains domains for subdomain enumeration.
stdout : subdominator supports stdout to pipe its output

[OUTPUT]:

-o, --output : filename to save the outputs.
-oD, --output-directory : directory name to save the outputs (use it when -dL is flag used).

[OPTIMIZATION]:

-t, --timeout : timeout value for every sources requests.

[Update]:

-up, --update : update subdominator for latest version but yaml source update required manual to not affect your api keys configurations.
-duc, --disable-update-check : disable automatic update check for subdominator
-sup, --show-updates : shows latest version updates of subdominator

[CONFIG]:

-nt, --notify : send notification of found subdomain using source Slack, Pushbullet, Telegram, Discord
-p, --proxy : http proxy to use with subdominator (intended for debugging the performance of subdominator).
-cp, --config-path : custom path of config file for subdominator to read api keys ( default path: /home/sanjai/.config/Subdominator/provider-config.yaml)

[DEBUG]:

-h, --help : displays this help message and exits
-v, --version : show current version of subdominator and latest version if available and exits
-ske, --show-key-error : show keys error for out of credits and key not provided for particular sources
-sre, --show-timeout-error : show timeout error for sources that are timeout to connect
-nc, --no-color : disable the colorised output of subdominator
-ls, --list-source : display the sources of subdominator uses for subdomain enumerations and exits (included for upcoming updates on sources).



Subdominator Integrations:

Subdominator integrates with various free API passive sources to gather valuable subdomain information. We would like to give credit to the following websites for providing free-to-obtain API keys for subdomain enumeration.
Claim your free API keys here:
**Subdomains Resources**:
- **VirusTotal**: [VirusTotal](https://www.virustotal.com)
- **Chaos**: [Chaos](https://chaos.projectdiscovery.io)
- **Dnsdumpter**: [Dnsdumpster](https://dnsdumpster.com)
- **Whoisxml**: [WhoisXML](https://whois.whoisxmlapi.com)
- **SecurityTrails**: [SecurityTrails](https://securitytrails.com)
- **Bevigil**: [Bevigil](https://bevigil.com/)
- **Binaryedge**: [BinaryEdge](https://binaryedge.io)
- **Fullhunt**: [Fullhunt](https://fullhunt.io)
- **Rapidapi**: [RapidAPI](https://rapidapi.com)
- **Bufferover**: [Bufferover](https://tls.bufferover.run/)
- **Certspotter**: [Certspotter](https://sslmate.com/certspotter)
- **Censys**: [Censys](https://search.censys.io/)
- **Fullhunt**: [Fullhunt](https://fullhunt.io/)
- **Zoomeye**: [Zoomeye](https://www.zoomeye.org/)
- **Netlas**: [Netlas](https://netlas.io/)
- **Leakix**: [Leakix](https://leakix.net/)
- **Redhunt**: [Redhunt](https://https://devportal.redhuntlabs.com/)
- **Shodan** : [Shodan](https://shodan.io)
- **Huntermap** : [Hunter](https://hunter.how/)
- **Google**: [Google](https://developers.facebook.com/)
- **Facebook**: [Facebook](https://programmablesearchengine.google.com/controlpanel/create)
- **Quake**: [Quake](https://quake.360.cn/)
- **RapidFinder**: [RapidFinder](https://rapidapi.com/Glavier/api/subdomain-finder3/pricing)
- **RapidScan**: [RapidScan](https://rapidapi.com/sedrakpc/api/subdomain-scan1/pricing)

**Notification Resources**:
- **Slack**: [Slack](https://slack.com)
- **Pushbullet**: [Pushbullet](pushbullet.com/)


Installation:

**Subdominator requires python latest version to be installed and with latest version `pip` commandline tool
code
pip install git+https://github.com/RevoltSecurities/Subdominator

Subdominator New Verision updates:

- New version of subdominator concurrency are improved
- Subdominator notification results are enhanced and improved
- Subdominator OSINT mode will give more and better than previous versions
- Installation errors and Bugs are patched
- Subdominator supports oneliners

Install New version by pip:

bash
pip install git+https://github.com/sanjai-AK47/Subdominator.git


**INFO:** If you are installing subdominator for first time means install it will `config_keys.yaml` file by git clone then install with pip

We are excited to announce the latest release of Subdominator v1.0.5, packed with new features, bug fixes, and improvements. Subdominator is now more powerful, versatile, and easier to use than ever before.

**What's New:**

- **Shodan and Hunter:** Subdominator now supports Shodan and HunterHow API service, expanding the range of tools available for subdomain enumeration and analysis. Harness the power of Redhunt alongside other APIs for comprehensive domain reconnaissance.

- **Increased Concurrency:** We've optimized Subdominator for faster subdomain enumeration. With increased concurrency, you can discover subdomains more efficiently, making your penetration testing workflows even smoother.

- **Bug Fixes and Logical Improvements:** We've squashed pesky bugs and refined the logic under the hood. Subdominator is now more reliable and accurate, ensuring you get the results you need.

- **Improved Recursion for Unique Wildcards:** Subdominator's recursion algorithm for unique wildcards has been enhanced. Discover even more hidden subdomains with our improved recursive scanning.

- **Python Package:** Subdominator is now available as a Python package! Installing and upgrading Subdominator is a breeze on any operating system. Run Subdominator anywhere, anytime, without hassle.

**About the Author:**

Hi Im [D.Sanjai Kumar](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/) the developer for Subdominator and Im a web pentester and an API penetration tester and open source tool developer
if you have any issues related to subdominator please submit an issues. Thank you!
**Getting Started:**

To get started with Subdominator v1.0.4, simply visit the official GitHub repository: [Subdominator GitHub Repo](https://github.com/sanjai-AK47/Subdominator)

**How to Install:**

Method 1

bash
pip install subdominator
subdominator -h

copy the configuration yaml file from github if you are new user to subdominator
Dont worry if any installation failed and there is another method is there for you guys or you run the subdominator script as previous version!

bash
git clone https://github.com/sanjai-AK47/Subdominator.git
pip install .
subdominator -h

After a successfull installtions configure your yaml file you can simply see [here](https://github.com/sanjai-AK47/Subdominator) how to
add new integration in the config_keys.yaml with my Instructions and some changes also done is services like Censys,Zoomeye-auth,Dnsdumpster and etc.. which breaks the limitations of api keys of Subdominator which makes it better than previous versions


Thank you for using Subdominator, and happy hacking! 🚀

---

We are excited to announce the latest release of Subdominator v1.0.4, packed with new features, bug fixes, and improvements. Subdominator is now more powerful, versatile, and easier to use than ever before.

**What's New:**

- **Redhunt API Integration:** Subdominator now supports Redhunt API service, expanding the range of tools available for subdomain enumeration and analysis. Harness the power of Redhunt alongside other APIs for comprehensive domain reconnaissance.

- **Increased Concurrency:** We've optimized Subdominator for faster subdomain enumeration. With increased concurrency, you can discover subdomains more efficiently, making your penetration testing workflows even smoother.

- **Bug Fixes and Logical Improvements:** We've squashed pesky bugs and refined the logic under the hood. Subdominator is now more reliable and accurate, ensuring you get the results you need.

- **Improved Recursion for Unique Wildcards:** Subdominator's recursion algorithm for unique wildcards has been enhanced. Discover even more hidden subdomains with our improved recursive scanning.

- **Python Package:** Subdominator is now available as a Python package! Installing and upgrading Subdominator is a breeze on any operating system. Run Subdominator anywhere, anytime, without hassle.

**About the Author:**

Hi Im D.Sanjai Kumar the developer for Subdominator and Im a web pentester and an API penetration tester and open source tool developer
if you have any issues related to subdominator please submit an issues. Thank you!
**Getting Started:**

To get started with Subdominator v1.0.4, simply visit the official GitHub repository: [Subdominator GitHub Repo](https://github.com/sanjai-AK47/Subdominator)

**How to Install:**

Method 1

bash
git clone https://github.com/sanjai-AK47/Subdominator.git
pip install subdominator
subdominator -h

Dont worry if any installation failed and there is another method is there for you guys or you run the subdominator script as previous version!

bash
git clone https://github.com/sanjai-AK47/Subdominator.git
pip install .
subdominator -h

After a successfull installtions configure your yaml file you can simply see [here](https://github.com/sanjai-AK47/Subdominator) how to
add new integration in the config_keys.yaml with my Instructions and some changes also done is services like Censys,Zoomeye-auth,Dnsdumpster and etc.. which breaks the limitations of api keys of Subdominator which makes it better than previous versions


Thank you for using Subdominator, and happy hacking! 🚀

---

.