What is Sublist3r and How to Use it?

Sublister is a tool designed in python and uses OSINT in order to enumerate subdomains of websites. It helps pen-testers in collecting and gathering subdomains for a domain which is their target. In order to fetch the accurate results, sublilster uses many search engines like Google, Yahoo, etc. and even tools like Netcraft, Virustotal, etc.

Installing and using sublister

1. To install sublister you can clone the Github repository  and use it. To do so you can follow the following command.

git clone https://github.com/aboul3la/Sublist3r.git

2. Once the process is done move to the seblister directory 

cd Sublist3r

3. Now we need to check for dependencies, sublist3r depends on requests, dnspython, and argparse python modules. These dependencies can be installed using requirements.txt file: 
 

pip install -r requirements.txt

You can even manually install all the required modules.

Requests module: 

sudo pip install requests

dnspython module 

sudo pip install dnspython

argparse module 

sudo pip install argparse

4. To run the tool, Enter the following command in the terminal.

./sublist3r.py

While running tool if you get any errors like for example dns.resolver module not found or dns.message module not found then it is because you might be running tool on python version 2.7 and installed dnspython module in python 3 version, so it will be better if you use python pip instead of pip3 to solve these errors. 

5. Now our tool is working in the current directory and every time we will try to run it then we need to go into the directory and run it, so now we will make a symbolic link so that we can access it from any directory we are in. 
 

sudo ln -sfv /opt/Sublist3r/sublist3r.py /usr/bin/sublist3r

Usage: 
 

Example:
To list the subdomains of a domain enter the following command in Linux and replace “kali.org” with the website you want to list the subdomains of.

sublist3r -v -d kali.org -t 5 -e bing -o ~/Desktop/subresult.txt

Where -d stands for domain listing and -v will verbose the output and tell from where it is getting the results. The fetch results will be saved in subresult.txt file in the desktop directory and the number of threads will be 5 using bing as a search engine. 
 

As you can see, the above command lists all the domains and subdomains related to kali.org and hence make it easy for us to look for the subdomains of a website.