{"id":13539929,"url":"https://github.com/TypeError/domained","last_synced_at":"2025-04-02T06:31:54.693Z","repository":{"id":58056681,"uuid":"100655179","full_name":"TypeError/domained","owner":"TypeError","description":"Multi Tool Subdomain Enumeration","archived":true,"fork":false,"pushed_at":"2021-04-11T09:54:50.000Z","size":129,"stargazers_count":721,"open_issues_count":16,"forks_count":157,"subscribers_count":34,"default_branch":"master","last_synced_at":"2024-11-03T05:30:18.427Z","etag":null,"topics":["bugbounty","enumeration","infosec","security","subdomains"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TypeError.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.rst","funding":null,"license":"LICENSE","code_of_conduct":"docs/CODE_OF_CONDUCT.rst","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-18T00:03:39.000Z","updated_at":"2024-10-10T15:12:56.000Z","dependencies_parsed_at":"2022-08-28T22:31:28.302Z","dependency_job_id":null,"html_url":"https://github.com/TypeError/domained","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TypeError%2Fdomained","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TypeError%2Fdomained/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TypeError%2Fdomained/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TypeError%2Fdomained/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TypeError","download_url":"https://codeload.github.com/TypeError/domained/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246768295,"owners_count":20830643,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","enumeration","infosec","security","subdomains"],"created_at":"2024-08-01T09:01:34.453Z","updated_at":"2025-04-02T06:31:52.533Z","avatar_url":"https://github.com/TypeError.png","language":"Python","readme":"# domained [archived]\n\nA domain name enumeration tool\n\n---\n**This project is no longer maintained.**\n\nThank you to [@ccsplit](https://github.com/ccsplit) and [@mzfr](https://github.com/mzfr) for their work on domained. \n\n---\n\n\n**Gist:** Some ~~terrible~~ continually updated python code leveraging some awesome tools that I use for bug bounty reconnaissance. \n\n**The tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ng** \n\ndomained uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting with categorized screenshots, server response headers and signature based default credential checking. *(resources are saved to ./bin and output is saved to ./output)*\n\n##### Initial Install: \n* domained tools: `python3 domained.py --install`\n* Python required modules: `sudo pip install -r ./ext/requirements.txt`\n###### Other Dependencies: \n* [ldns](https://www.nlnetlabs.nl/documentation/ldns/) library for DNS programming:\n    * `sudo apt-get install libldns-dev -y`\n* [Go](https://golang.org) Programming Language: \n    * `sudo apt-get install golang`\n\n\n**_NOTE: This is an active recon – only perform on applications that you have permission to test against._**\n\n##### Tools leveraged:\n\n###### Subdomain Enumeraton Tools:\n1. [Sublist3r](https://github.com/aboul3la/Sublist3r) by Ahmed Aboul-Ela \n2. [enumall](https://github.com/jhaddix/domain) by Jason Haddix \n3. [Knock](https://github.com/guelfoweb/knock) by Gianni Amato \n4. [Subbrute](https://github.com/TheRook/subbrute) by TheRook \n5. [massdns](https://github.com/blechschmidt/massdns) by B. Blechschmidt\n6. [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) by Tim Tomes (LaNMaSteR53)\n7. [Amass](https://github.com/OWASP/Amass) by Jeff Foley (caffix)\n8. [SubFinder](https://github.com/subfinder/subfinder) by by Ice3man543\n\n###### Reporting + Wordlists:\n- [EyeWitness](https://github.com/FortyNorthSecurity/EyeWitness) by ChrisTruncer  \n- [SecList](https://github.com/danielmiessler/SecLists) (DNS Recon List) by Daniel Miessler \n- [LevelUp All.txt Subdomain List](https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056) by Jason Haddix \n\n##### Usage\n````\nFirst Step:\nInstall Required Python Modules: sudo pip install -r ./ext/requirements.txt\nInstall Tools: sudo python3 domained.py --install\n\nExample 1: python3 domained.py -d example.com\nUses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)\n\nExample 2: python3 domained.py -d example.com -b -p --vpn\nUses subdomain example.com with seclist subdomain list bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN\n\nExample 3: python3 domained.py -d example.com -b --bruteall\nUses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)\n\nExample 4: python3 domained.py -d example.com --quick\nUses subdomain example.com and only Amass and SubFinder\n\nExample 5: python3 domained.py -d example.com --quick --notify\nUses subdomain example.com, only Amass and SubFinder and notification\n\nExample 6: python3 domained.py -d example.com --noeyewitness\nUses subdomain example.com with no EyeWitness\n\nNote: --bruteall must be used with the -b flag\n````\n\nOption | Description\n------ | --- \n--install/--upgrade  |  Both do the same function – install all prerequisite tools\n--vpn   |   Check if you are on VPN (update with your provider)\n--quick |   Use ONLY Amass and SubFinder\n--bruteall  |   Bruteforce with JHaddix All.txt List instead of SecList\n--fresh  |   Delete old data from output folder\n--notify  |   Send Pushover or Gmail Notifications\n--active  |   EyeWitness Active Scan\n--noeyewitness  |   No Eyewitness\n-d  |   The domain you want to preform recon on\n-b  |   Bruteforce with subbrute/massdns and SecList wordlist\n-s n    |   Only HTTPs domains\n-p  |   Add port 8080 for HTTP and 8443 for HTTPS \n\n##### Notifications\n- Complete the ext/notifycfg.ini for Pushover or Gmail notifications. (*Enable must be set to True*)\n- Please see the Pushover API info [here](https://pushover.net/api) and instructions on how to allow less secure apps on your gmail account [here](https://support.google.com/accounts/answer/6010255)\n\n##### To-Do List\n- [ ] Multiple Domains\n- [x] ~~Notifications~~\n- [ ] Subdomains from [censys](https://censys.io/)\n- [ ] Subdomains from [Shodan](https://shodan.io/)\n- [ ] Web Frontend/Dashboard\n- [x] ~~Add SubFinder~~\n\n##### Thank You to Contributors\n* [ccsplit](https://github.com/ccsplit) - Multiple code improvements including the ability to run domained from any directory\n* [jafoca](https://github.com/jafoca) - Massdns fix\n* [mortymorty](https://github.com/mortymorty) - SecList brute file fix \n* [Chan9390](https://github.com/Chan9390) - Updates to the requirements.txt\n* [dainok](https://github.com/dainok) - Python 3.6+ fixes\n* [Apoorv Raj Saxena](https://github.com/apoorvrajsaxena) - Added SubFinder\n\n\n##### Major Updates\n- 07-15-2017: Updated to include error handling and updated reconnaissance  techniques from Bugcrowd's [LevelUp](https://pages.bugcrowd.com/level-up-virtual-hacking-conference) Conference (including subbrute/masscan and subdomain lists) - influenced by Jason Haddix's talk [Bug Hunter's Methodology 2.0](https://t.co/Umhj4NUtJ5)\n- 08-09-2017: Various fixes (+ phantomjs error), added --fresh option, removed redundant PyBrute folder from output and added pip requirements.txt\n- 08-15-2017: Added notification (--notify) option with Pushover or Gmail support\n- 08-18-2017: Moved repo from [OrOneEqualsOne/reconned](https://github.com/OrOneEqualsOne/reconned)\n- 09-28-2017: Updated for [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) dependency + Python3 changes\n- 06-20-2018: Added [Amass](https://github.com/caffix/amass) and option for no EyeWitness\n- 10-12-2018: Added [SubFinder](https://github.com/subfinder/subfinder)\n","funding_links":[],"categories":["\u003ca id=\"a76463feb91d09b3d024fae798b92be6\"\u003e\u003c/a\u003e侦察\u0026\u0026信息收集\u0026\u0026子域名发现与枚举\u0026\u0026OSINT","Recon","Python","Python (1887)","\u003ca id=\"170048b7d8668c50681c0ab1e92c679a\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"e945721056c78a53003e01c3d2f3b8fe\"\u003e\u003c/a\u003e子域名枚举\u0026\u0026爆破","Subdomain Enumeration"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTypeError%2Fdomained","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FTypeError%2Fdomained","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTypeError%2Fdomained/lists"}