Turbolist3r – Subdomain enumeration tool
Subdomain Enumeration is the crucial step for expanding the target scope. The functionality or features cannot be compressed in a single domain so the subdomains are created to split the functionality. These Subdomains can have some crucial information about the target domain. So to detect this Subdomains automation should be done, as Manual identification becomes complex. Turbolist3r is the tool for Subdomain enumeration. It is the fork of the tool Sublist3r. This tool also allows brute-forcing of the subdomains using the subbrute tool utility. Turbolist3r queries public DNS servers for every discovered subdomain. Turbolist3r tool is an automated script designed in the Python language. Turbolist3r tool is open-source and free to use.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux
Installation of Turbolist3r Tool on Kali Linux
Step 1: Check whether Python Environment is Established or not, use the following command.
Step 2: Open up your Kali Linux terminal and move to Desktop using the following command.
Step 3: You are on Desktop now create a new directory called Turbolist3r using the following command. In this directory, we will complete the installation of the Turbolist3r tool.
Step 4: Now switch to the Turbolist3r directory using the following command.
Step 5: Now you have to install the tool. You have to clone the tool from Github.
git clone https://github.com/fleetcaptain/Turbolist3r.git
Step 6: The tool has been downloaded successfully in the Turbolist3r directory. Now list out the contents of the tool by using the below command.
Step 7: You can observe that there is a new directory created of the Turbolist3r tool that has been generated while we were installing the tool. Now move to that directory using the below command:
Step 8: Once again to discover the contents of the tool, use the below command.
Step 9: Download the required packages for running the tool, use the following command.
pip3 install -r requirements.txt
Step 10: Now we are done with our installation, Use the below command to view the help (gives a better understanding of the tool) index of the tool.
python3 turbolist3r.py -h
Working with Turbolist3r Tool on Kali Linux
Example 1: To enumerate subdomains of a specific domain, perform advanced analysis, and save the analysis to a file
python3 turbolist3r.py -d geeksforgeeks.org -a –saverdns analysis_file.txt
1. In this example, We will be Enumerating subdomains of geeksforgeeks.org and getting a detailed analysis of the subdomains.
2. In the below Screenshot, You can see that Subdomains are detected about the main domain geeksforgeeks.org.
3. In the below Screenshot, You can see that we have got the CNAME record of each subdomain identified.
4. In the below Screenshot, You can see that the results are stored in the text file.
Example 2: Read subdomains from a file and perform advanced analysis on them
python3 turbolist3r.py -d geeksforgeeks.org -a –inputfile /home/kali/Desktop/subdomains.txt
1. In this example, We will be performing advanced analysis of subdomains provided in the form of a file.
2. In the below Screenshot, Our scanning process is started.
3. In the below Screenshot, We have got the results of our advanced analysis scan of subdomains provided in the form of a text file.
Example 3: To enumerate subdomains of a specific domain
python3 turbolist3r.py -d geeksforgeeks.org
1. In this example, We will be enumerating simple Subdomain Identification on the geeksforgeeks.org domain.
2. In the below Screenshot, We have got unique 99 subdomains of geeksforgeeks.org
Example 4: To enumerate subdomains of a specific domain and save discovered subdomains to a file
python3 turbolist3r.py -d geeksforgeeks.org -o example_hosts.txt
1. In this Example, We will save the subdomains in the text file.
2. In the below Screenshot, You can see that the Subdomains are saved in the text file.
Example 5: To enumerate subdomains of a specific domain and show the results in realtime
python3 turbolist3r.py -v -d geeksforgeeks.org
1. In this Example, We will perform the enumeration in a realistic way. All the processes will be shown in real time.
2. In the below Screenshot, You can see that we have got the subdomains along with the source from which it is extracted.
Example 6: To enumerate subdomains and use specific engines such Google, Yahoo, and Virustotal engines
python3 turbolist3r.py -e google,yahoo,virustotal -d geeksforgeeks.org
1. In this Example, We will enumerate subdomains and use specific engines such as Google, Yahoo, and Virustotal engines.
2. In the below Screenshot, We have got the subdomains only from Google, Yahoo, and Virustotal engines.