Massc – Subdomain Scanner Tool Designed in JavaScript

Subdomain enumeration is the process of finding valid (resolvable) subdomains for one or more domain(s). The general system is to use a dictionary of common names, trying to resolve them. These detected subdomains can reveal crucial information about the target, which might not be present in the main domain. Massc tool is a Nodejs language-based tool used to find the subdomains with 200 OK Status code. This tool is an open-source tool and free to use. Massc tool brute-forces the words from the default wordlists and sends the request to the target domain web server, if the webserver serves the request with the standard response, then the tool displays the subdomain with the 200 OK status code else there might be the absence of the specified subdomain the target domain server.

Features of Massc Tool:

1. It enumerates the subdomain of the target domain.
2. It is designed in the Node.js Language.
3. It uses the wordlists to brute-force and detects subdomains.
4. It is open-source and free to use the tool.
5. It returns the subdomains with 200 OK Status code.

Installation of Massc Tool on Kali Linux OS: Make Sure You have already installed Node.js on your System, as this is a JavaScript-based tool. For node.js installation, check Installation of Node.js on Linux article.

Step 1: Check whether JS Environment is Established or not, use the following command.

nodejs --version

Step 2: Open up your Kali Linux terminal and move to Desktop using the following command.

cd Desktop

Step 3: You are on Desktop, now create a new directory called Massc using the following command. In this directory, we will install the Massc tool.

mkdir Massc 

Step 4: Now switch to Massc directory using the following command.

cd Massc

Step 5: Now you have to install the tool. You have to clone the tool from GitHub.

git clone https://github.com/radenvodka/massc.git

Step 6: The tool has been downloaded successfully in the Massc directory. Now list out the contents of the tool by using the below command.

ls

Step 7: You can observe that there is a new directory created of the Massc tool that has been generated while we were installing the tool. Now move to that directory using the below command:

cd massc 

Step 8: Once again to discover the contents of the tool, use the below command.

ls

Step 9: Run the massc.js file with the target domain URL for getting the Subdomains.

nodejs massc.js geeksforgeeks.org

Working with Massc Tool on Kali Linux OS:

Example: GeeksforGeeks Target

nodejs massc.js geeksforgeeks.org

In this example, we will be detecting or finding the subdomains of geeksforgeeks.org form wordlists which is provided by default with the tool. In the below screenshot, We have displayed the contents or the keywords which will be brute-forced for finding the subdomains.

Wordlist content

In the below screenshot, You can see that Massc tool makes the request to the target domain and checks whether there is any responsibility for the specified word used to find the subdomain.

No Subdomains Detected Yet

In the below screenshot, you can see that geeksforgeeks.org has responded to the auth.geeksforgeeks.org subdomain. This subdomain actually exits on the geeksforgeeks.org server.

Subdomain Detected (1)

In the below Screenshot, we have got the campus.geeksforgeeks.org subdomain detected on the geeksforgeeks.org server.

Subdomain Detected (2)

In the below screenshot, we have got the marketing.geeksforgeeks.org subdomain detected on the geeksforgeeks.org server.

Subdomain Detected (3)