SubSurfer
SubSurfer is an open-source security tool designed for efficiently identifying subdomains and network subnets. It leverages both passive and active scanning techniques to uncover hidden subdomains of a target domain, providing valuable insights for security assessments and red team operations. The tool is well-suited for enhancing OSINT and attack surface analysis, offering automated data collection and powerful filtering options. Additionally, SubSurfer can be imported and used as a Python module, allowing for seamless integration into custom scripts and applications.
π Features
Red Team/Bug Bounty Support: Useful for both red team operations and web bug bounty projects
High-Performance Scanning: Fast subdomain enumeration using asynchronous and parallel processing
Port Scanning: Expand asset scanning range with customizable port selection
Web Service Identification: Gather environmental details such as web servers and technology stacks
Pipeline Integration: Supports integration with other tools using -pipeweb and -pipesub options
Modular Design: Can be imported and used as a Python module
Continuous Updates: - Continuous Updates: New passive/active modules will continue to be added
π Installation
bash
git clone https://github.com/arrester/subsurfer.git
cd subsurfer
or
Python
pip install subsurfer
Homepage
GitHub: https://github.com/arrester/SubSurfer
PyPi: https://pypi.org/project/subsurfer/
If you find the tool useful, please give it a GitHub Star.
Top comments (0)