DEV Community

arrester
arrester

Posted on β€’ Edited on

SubSurfer

SubSurfer

SubSurfer is an open-source security tool designed for efficiently identifying subdomains and network subnets. It leverages both passive and active scanning techniques to uncover hidden subdomains of a target domain, providing valuable insights for security assessments and red team operations. The tool is well-suited for enhancing OSINT and attack surface analysis, offering automated data collection and powerful filtering options. Additionally, SubSurfer can be imported and used as a Python module, allowing for seamless integration into custom scripts and applications.

Image description

🌟 Features

Red Team/Bug Bounty Support: Useful for both red team operations and web bug bounty projects
High-Performance Scanning: Fast subdomain enumeration using asynchronous and parallel processing
Port Scanning: Expand asset scanning range with customizable port selection
Web Service Identification: Gather environmental details such as web servers and technology stacks
Pipeline Integration: Supports integration with other tools using -pipeweb and -pipesub options
Modular Design: Can be imported and used as a Python module
Continuous Updates: - Continuous Updates: New passive/active modules will continue to be added

πŸš€ Installation

bash
git clone https://github.com/arrester/subsurfer.git
cd subsurfer

or

Python
pip install subsurfer

Homepage

GitHub: https://github.com/arrester/SubSurfer
PyPi: https://pypi.org/project/subsurfer/

If you find the tool useful, please give it a GitHub Star.

Sentry image

See why 4M developers consider Sentry, β€œnot bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs