A simple tool to perform domain-related reconnaissance using various tools.
Sohrab Kaghazian
This script utilizes the following reconnaissance tools:
Sublist3r β A fast subdomain enumeration tool for penetration testers.
Subfinder β A tool for discovering subdomains using passive sources.
Amass β A powerful open-source tool for network mapping of attack surfaces and external assets.
Assetfinder β A tool to find assets related to a given domain.
Findomain β A fast subdomain discovery tool that supports multiple passive sources.
Dnsrecon β A DNS reconnaissance tool to gather DNS-related information about domains.
Gobuster β A tool for directory and subdomain busting using wordlist-based brute-forcing.
TheHarvester β A tool for gathering information from public sources such as search engines, social media, and more.
Knockpy β A subdomain brute-force tool that uses a wordlist to find subdomains for a given domain.
- Automatic Tool Installation & Updates β Automatically installs missing tools and updates existing ones.
- Comprehensive Subdomain Enumeration β Supports multiple tools for subdomain discovery and DNS reconnaissance.
- Easy-to-Use Command-Line Interface β Run a simple command to get results!
-
Install Python 3 (if you haven't already):
- Download it from the official website: Python Downloads
- Alternatively, install it on system (Kali):
sudo apt update sudo apt install python3 python3 --version
-
Usage:
python3 Sub_Recon.py -d <domain> -w <wordlist.txt> -r <resolver.txt>
- If you want to analyze your outputs further, visit SubTools at:
SubTools Repository --> https://github.com/llsohrabll/Sub_Recon/tree/main/SubTools