Knock – Subdomain Scanner Tool in Kali Linux

  • Difficulty Level : Easy
  • Last Updated : 18 Jul, 2021

Knock is a tool written in Python that enumerates the subdomains of a target domain using a wordlist.

Installation:

First, clone the tool from the GitHub repository using the command below.

git clone https://github.com/santiko/KnockPy.git

Then change into the cloned directory.

cd KnockPy

Fig 1: Cloning tool from GitHub repository.

How to use:

Run tool: To run the tool and to know its options, type the following command.

python knock.py -h

Fig 2: Options provided by Knock.

Show version: To show the version of the tool, enter:

python knock.py -v

Fig 3: Version of knock.

Short information: To find out short information about any domain, enter the following command with the domain name (which in our case is google.com):

python knock.py -i google.com

Fig 4: Short info about google.com

Resolve: To resolve a domain name, type:

python knock.py -r google.com

Fig 5: Resolving domain google.com

Zone Transfer: To check if zone transfer is enabled or not, enter the following command.

python knock.py -z youtube.com

Fig 6: Checking zone transfer enabled or not.

Subdomains: To get the subdomains of a website, type the following command:

python knock.py tesla.com

Fig 7: Getting subdomains.

As the image below shows, Knock found 48 subdomains in 12 hosts of tesla.com.

Fig 8: subdomains
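
On the DNS server side, a wordlist scan like the one above typically shows up as a single client querying many distinct names in a short time, most of which do not exist. The following is an added example, not part of the original article or of the Knock project, that flags such clients in a constructed query log; the log format, zone name and thresholds are all assumptions.

```python
from collections import defaultdict

ZONE = "example.com"        # assumption: the zone you operate
WINDOW_SECONDS = 60         # assumption: sliding window per client
MIN_DISTINCT = 5            # assumption: low so the small sample triggers; tune upward
MIN_NXDOMAIN_RATIO = 0.6    # assumption: wordlist guesses mostly miss

# Constructed sample, assumed simplified format: "<epoch> <client> <qname> <rcode>"
SAMPLE_LOG = """\
1000 198.51.100.7 www.example.com NOERROR
1002 198.51.100.7 admin.example.com NXDOMAIN
1003 198.51.100.7 dev.example.com NXDOMAIN
1003 203.0.113.20 www.example.com NOERROR
1004 198.51.100.7 test.example.com NXDOMAIN
1006 198.51.100.7 staging.example.com NXDOMAIN
1090 203.0.113.20 shop.example.com NXDOMAIN
"""

def parse(log_text):
    """Yield (ts, client, qname, rcode) for well-formed lines inside ZONE."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue  # skip malformed lines
        qname = parts[2].lower().rstrip(".")
        if qname.endswith("." + ZONE):
            yield int(parts[0]), parts[1], qname, parts[3].upper()

def find_enumerators(log_text):
    """Return {client: (distinct_names, nxdomain_ratio)} for scan-like clients."""
    per_client = defaultdict(list)
    for ts, client, qname, rcode in parse(log_text):
        per_client[client].append((ts, qname, rcode))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > WINDOW_SECONDS:
                start += 1  # drop events older than the window
            window = events[start:end + 1]
            names = {q for _, q, _ in window}
            nx = sum(r == "NXDOMAIN" for _, _, r in window) / len(window)
            if len(names) >= MIN_DISTINCT and nx >= MIN_NXDOMAIN_RATIO:
                flagged[client] = max(flagged.get(client, (0, 0.0)), (len(names), round(nx, 2)))
    return flagged

if __name__ == "__main__":
    print(find_enumerators(SAMPLE_LOG))
```

A zone with a wildcard record answers every guess with NOERROR, so in that case the NXDOMAIN ratio should be replaced by the distinct-name count alone.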
