Tool and Usage
Why this tool?
SubFinder is a tool to scan domains and discover subdomains. This may be useful during the reconnaissance phase of penetration testing where information is collected. Some subdomains may reveal sensitive data or point to interesting targets such as a backup location.
How it works
SubFinder uses various techniques to discover massive amounts of subdomains for a specified target. Such techniques include using passive sources, search engines, Pastebin snippets, internet archives, and others. It then uses a permutation module (inspired by altdns) to generate permutations and resolve them quickly using a powerful brute-forcing engine.
Usage and audience
SubFinder is commonly used for discovery of sensitive information, information gathering, penetration testing, reconnaissance, or security assessment. Target users for this tool are pentesters and security professionals.
- Command line interface
- Customization and additions are possible
- JSON output supported
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Tool is modular and extendable
- + More than 500 GitHub stars
- + The source code of this software is available
Supported operating systems
SubFinder is known to work on Linux.
Similar tools to SubFinder:
Fierce is a security tool that helps with DNS reconnaissance. It can locate non-contiguous IP space, but using DNS information.
Async DNS Brute, or aiodnsbrute, is a security tool to help with resolving many DNS entries and the related discovery.
Sublist3r is a security tool to scan a domain and attempt the discovery of underlying subdomains. This can be used during pentesting and security assessments.
This tool page was updated at . Found an improvement? Help the community by submitting an update.