Subscraper – Subdomain enumeration tool in Kali Linux
Subscraper is a free and open-source tool available on GitHub. Subscraper is used for reconnaissance of subdomains. subscraper is used for finding the subdomain of the target website. This tool is used to find subdomains from a website/web application. Usually, what happens is that it become very difficult for a security researcher to find subdomains from an HTTPS website or web application. This tool helps to get subdomains of all HTTPS as well as HTTP websites. subscraper tool is written in Python you must have python installed into your Kali Linux in order to use this tool. This tool comes with an awesome user interface. The user interface of the tool is very similar to Metasploitable 1 and metasploitable 2 which makes it very easy to run and use.
Features and uses of Subscraper:
- Subscraper is a free and open-source tool available on GitHub.
- Subscraper tool is used for reconnaissance of subdomains of websites/web applications.
- Subscraper tool is used for information gathering.
- Subscraper tool is used to find subdomains of the target.
Step 1: First you have to install the tool using the following command in your kali Linux operating system. Then you have to move to the directory of the tool.
git clone https://github.com/m8r0wn/subscraper cd subscraper
Step 2: The tool has been downloaded successfully now you have to install the tool using the following command.
python3 setup.py install
The tool has been installed successfully in your system now we will see some examples to use the tool.
Example 1: Use subscraper tool to find the subdomain of a website.
subscraper <domain >
once the scanning is completed, use the following command to perform Subdomain Takeover.
subscraper --takeover subscraper_report.txt
Now to view the report use the following command.
ls nano subscraper_report.txt
This is the subdomain takeover report of the tool. You can see that we have found all the subdomains of domain geeksforgeeks.org. Similarly, you can find all the subdomains of any domain. This tool helps security researchers in the initial phases of reconnaissance and security scanning of the website and web applications.
Example 2: Use subscraper tool to find the subdomain of a website by changing the enumeration level of scanning.
subscraper -e 3 <domain>