Subsleuth is a powerful subdomain bruteforcing tool for bug bounty hunters and penetration testers to discover subdomains and enhance their web security testing.
Prerequisites
- NodeJs
Installation and Example
-
Install NodeJS Instructions Here (If you can't figure this out, you shouldn't really be using this)
- Linux, Mac, Windows
npm install subsleuth -g
- Github
- click HERE for downloads
- Linux, Mac, Windows
-
Open terminal now type
subsleuth -
Example for signle domain
- input
subsleuth -d google.com -w wordlist.txt
- output
subsleuth -d google.com -w wordlist.txt -o output.txt
- input
-
Example for multiple domains or to find subdomains of subdomains
- input
subsleuth -l domain-list.txt -w wordlist.txt
- output
subsleuth -l domain-list.txt -w wordlist.txt -o output.txt
- input
Usages 📚 :
$ subsleuth [option]
Usage: subsleuth [options]
Options:
-h, --help Show help
-V, --version Show version number
-w, --wordlist Customize wordlists
-d, --domain domains to find subdomains for
-o, --output Save the results to text file
-l, --list file containing list of domains for subdomain discovery