Open In App

Spoodle Subdomain Tracker in Linux

Improve
Improve
Like Article
Like
Save
Share
Report

Vulnerability Scanning is a critical process to find and report the security flaws detected on the target domain or the subdomains. There are various methods for vulnerability scanning, which include Manual Testing and Automated Testing. In the Automated methods, various tools are used to detect flaws. Spoodle is an automated tool developed in the python language which automatically enumerates the subdomains using the Subbrute tool and scans the domain or subdomain for vulnerability. The Spoodle tool uses the Poodle Vulnerability Scanner as its parent scanner. Spoodle tool is an open-source and free-to-use tool.

Features of Spoodle Tool

  1. Spoodle tool enumerates subdomains using the Subbrute tool.
  2. Spoodle tool uses the Poodle scanner to find the vulnerabilities.
  3. Spoodle tool is developed in the python language.
  4. Spoodle tool can work efficiently with targets having more areas of scope.
  5. Spoodle tool is open-source and free to use the tool.

Installation of Spoodle Tool on Kali Linux OS

Make Sure You have Python Installed on your System, as this is a python-based tool.

Check the following article to install Python on Linux: https://www.geeksforgeeks.org/how-to-install-python-on-linux/ 

Step 1: As this is a Python-based tool, we need to verify whether Python is available on the System. 

python
Checking Python is present or not

 

Step 2: After checking the Python environment, we will navigate to the Desktop by using the below command in the terminal

cd Desktop
Navigating to desktop

 

Step 3: You are on Desktop now create a new directory called Spoodle using the following command. In this directory, we will be installing the Spoodle tool. 

mkdir Spoodle 
Making new directory

 

Step 4: Now switch to the Spoodle directory using the following command.

cd Spoodle 
Going to Spoodle directory

 

Step 5: Spoodle tool can be installed by using the GitHub repository, we will clone the repository from GitHub using the below command, and then we will install the tool by running the setup. 

git clone https://github.com/avicoder/spoodle.git
Downloading Spoodle Repository

 

Step 6: By using the git clone command, we have downloaded the Spoodle repository on our local machine, now we will see the contents of the directory by using the ls command. 

ls
Listing contents of Spoodle directory

 

Step 7: You can observe that there is a new directory created for the Spoodle tool that has been generated while we were installing the tool. We will change the directory to spoodle, as in this directory, there is a python script. 

cd spoodle
Going to Spoodle directory

 

Step 8: To list out the contents of this directory, we have to use the ls command once again in the terminal. 

ls
Listing contents of Spoodle directory

 

Step 9: After completion of all the above steps, we have done with the installation part of the tool, we can verify the installation by checking the help section of the tool. 

python spoodle.py -h
Running the spoodle.py file and viewing the help section

 

Working with Spoodle Tool on Kali Linux

Usage/Example

python spoodle.py geeksforgeeks.org

1. In this Example, We are scanning for any vulnerabilities on the target domain geeksforgeeks.org.

Scanning on geeksforgeeks.org

 

2. In the below Screenshot, You can see that the Spoodle tool automatically finds the subdomains and can check for vulnerabilities present on that domain as geeksforgeeks.org is a secured website tool that has not detected any vulnerability on the domain.

Results are displayed

 

Spoodle tool has detected the subdomain, IP address, and Vulnerability status.

Conclusion:

In conclusion, Spoodle is a strong tool for mass subdomain scanning and finding Poodle SSLv3 vulnerability-related flaws. This tool generates a list of subdomains using Subbrute and then checks them for the Poodle vulnerability. Spoodle can save security professionals a lot of time and work by automating this procedure. It is crucial to remember that Spoodle should only be used in an ethical and responsible manner. You should use it only on websites where you have permission to scan them, and you should be aware of any potential ethical or legal repercussions before using it. Overall, Spoodle is a useful tool for security professionals who want to check their organization’s network for potential attack vectors and scan for SSLv3 vulnerabilities.



Last Updated : 17 Apr, 2023
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads