{"id":30448224,"url":"https://github.com/eredotpkfr/subscan","last_synced_at":"2025-08-23T12:04:31.249Z","repository":{"id":266040088,"uuid":"794470821","full_name":"eredotpkfr/subscan","owner":"eredotpkfr","description":"⚡ A subdomain enumeration tool leveraging diverse techniques, designed for advanced pentesting operations","archived":false,"fork":false,"pushed_at":"2025-08-19T08:56:16.000Z","size":8494,"stargazers_count":46,"open_issues_count":10,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-19T09:51:08.521Z","etag":null,"topics":["brute-force","bruteforce","crawler","pentest","pentest-tool","pentesting","pentesting-tool","rust","rust-crate","rust-lang","scanner","searchengines","subdomain","subdomain-bruteforcing","subdomain-enumeration","subdomain-finder","subdomain-scanner","zonetransfer"],"latest_commit_sha":null,"homepage":"https://www.erdoganyoksul.com/subscan","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eredotpkfr.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"buy_me_a_coffee":"eredotpkfr"}},"created_at":"2024-05-01T08:42:35.000Z","updated_at":"2025-08-19T08:55:19.000Z","dependencies_parsed_at":"2024-12-16T12:19:10.865Z","dependency_job_id":"c3e0245d-d8eb-4c07-abad-843f05994ee6","html_url":"https://github.com/eredotpkfr/subscan","commit_stats":null,"previous_names":["eredotpkfr/subscan"],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/eredotpkfr/subscan","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eredotpkfr%2Fsubscan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eredotpkfr%2Fsubscan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eredotpkfr%2Fsubscan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eredotpkfr%2Fsubscan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eredotpkfr","download_url":"https://codeload.github.com/eredotpkfr/subscan/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eredotpkfr%2Fsubscan/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271746907,"owners_count":24813594,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-23T02:00:09.327Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","bruteforce","crawler","pentest","pentest-tool","pentesting","pentesting-tool","rust","rust-crate","rust-lang","scanner","searchengines","subdomain","subdomain-bruteforcing","subdomain-enumeration","subdomain-finder","subdomain-scanner","zonetransfer"],"created_at":"2025-08-23T12:02:37.276Z","updated_at":"2025-08-23T12:04:31.234Z","avatar_url":"https://github.com/eredotpkfr.png","language":"Rust","funding_links":["https://buymeacoffee.com/eredotpkfr","https://www.buymeacoffee.com/eredotpkfr"],"categories":[],"sub_categories":[],"readme":"\u003c!-- markdownlint-disable MD033 MD041 --\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://github.com/eredotpkfr/subscan/blob/main/assets/logo-light.png?raw=true\"\u003e\n    \u003cimg alt=\"Subscan Logo\" height=\"105px\" src=\"https://github.com/eredotpkfr/subscan/blob/main/assets/logo-dark.png?raw=true\"\u003e\n  \u003c/picture\u003e\n\u003c/div\u003e\n\u003cbr\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/actions/workflows/tests.yml\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/github/actions/workflow/status/eredotpkfr/subscan/tests.yml?label=test\u0026logo=Github\u0026labelColor=ff3030\u0026color=e6e6e6\"\u003e\n      \u003cimg alt=\"GitHub Actions Test Workflow Status\" src=\"https://img.shields.io/github/actions/workflow/status/eredotpkfr/subscan/tests.yml?label=test\u0026logo=Github\u0026labelColor=42445a\u0026color=e6e6e6\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://app.codecov.io/gh/eredotpkfr/subscan\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/codecov/c/gh/eredotpkfr/subscan?labelColor=ff3030\u0026color=e6e6e6\u0026logo=codecov\u0026logoColor=white\"\u003e\n      \u003cimg alt=\"Codecov Status\" src=\"https://img.shields.io/codecov/c/gh/eredotpkfr/subscan?labelColor=42445a\u0026color=e6e6e6\u0026logo=codecov\u0026logoColor=white\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://crates.io/crates/subscan\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/crates/v/subscan?logoColor=white\u0026color=e6e6e6\u0026labelColor=ff3030\"\u003e\n      \u003cimg alt=\"Crates.io\" src=\"https://img.shields.io/crates/v/subscan?labelColor=42445a\u0026color=e6e6e6\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://docs.rs/subscan/latest/subscan/\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/docsrs/subscan?logoColor=white\u0026color=e6e6e6\u0026labelColor=ff3030\u0026logo=Rust\"\u003e\n      \u003cimg alt=\"Docs.rs\" src=\"https://img.shields.io/docsrs/subscan?labelColor=42445a\u0026color=e6e6e6\u0026logo=Rust\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/actions/workflows/docker.yml\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/github/actions/workflow/status/eredotpkfr/subscan/docker.yml?label=docker\u0026logo=Docker\u0026labelColor=ff3030\u0026color=e6e6e6\u0026logoColor=white\"\u003e\n      \u003cimg alt=\"GitHub Actions Docker Workflow Status\" src=\"https://img.shields.io/github/actions/workflow/status/eredotpkfr/subscan/docker.yml?label=docker\u0026logo=Docker\u0026labelColor=42445a\u0026color=e6e6e6\u0026logoColor=white\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/actions/workflows/mdbook.yml\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/github/actions/workflow/status/eredotpkfr/subscan/mdbook.yml?label=book\u0026logo=Rust\u0026labelColor=ff3030\u0026color=e6e6e6\"\u003e\n      \u003cimg alt=\"GitHub Actions Test Workflow Status\" src=\"https://img.shields.io/github/actions/workflow/status/eredotpkfr/subscan/mdbook.yml?label=book\u0026logo=Rust\u0026labelColor=42445a\u0026color=e6e6e6\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://pre-commit.com/\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit\u0026logoColor=white\u0026color=e6e6e6\u0026labelColor=ff3030\"\u003e\n      \u003cimg alt=\"Pre-commit Badge\" src=\"https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit\u0026logoColor=white\u0026color=e6e6e6\u0026labelColor=42445a\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://gitleaks.io/\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/badge/protected%20by-gitleaks-blue?color=e6e6e6\u0026labelColor=ff3030\"\u003e\n      \u003cimg alt=\"Gitleaks Badge\" src=\"https://img.shields.io/badge/protected%20by-gitleaks-blue?color=e6e6e6\u0026labelColor=42445a\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://github.com/rust-secure-code/safety-dance/\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/badge/unsafe-forbidden-success.svg?color=e6e6e6\u0026labelColor=ff3030\"\u003e\n      \u003cimg alt=\"Unsafe Forbidden\" src=\"https://img.shields.io/badge/unsafe-forbidden-success.svg?color=e6e6e6\u0026labelColor=42445a\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/blob/main/LICENSE\"\u003e\n    \u003cpicture\u003e\n      \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://img.shields.io/github/license/eredotpkfr/subscan?labelColor=ff3030\u0026color=e6e6e6\"\u003e\n      \u003cimg alt=\"License Badge\" src=\"https://img.shields.io/github/license/eredotpkfr/subscan?labelColor=42445a\u0026color=e6e6e6\"\u003e\n    \u003c/picture\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\u003cbr\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/?tab=readme-ov-file#install\"\u003eInstall\u003c/a\u003e •\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/?tab=readme-ov-file#usage\"\u003eUsage\u003c/a\u003e •\n  \u003ca href=\"https://docs.rs/subscan/latest/subscan/\"\u003eDoc\u003c/a\u003e •\n  \u003ca href=\"https://www.erdoganyoksul.com/subscan/\"\u003eBook\u003c/a\u003e •\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/?tab=readme-ov-file#docker\"\u003eDocker\u003c/a\u003e •\n  \u003ca href=\"https://github.com/eredotpkfr/subscan/?tab=readme-ov-file#development\"\u003eDevelopment\u003c/a\u003e\n\u003c/p\u003e\n\u003cbr\u003e\n\u003c!-- markdownlint-enable MD033 MD041 --\u003e\n\nSubscan is a powerful subdomain enumeration tool built with [Rust](https://www.rust-lang.org/), specifically designed for penetration testing purposes. It combines various discovery techniques into a single, lightweight binary, making subdomain hunting easier and faster for security researchers\n\n\u003c!-- markdownlint-disable MD007 --\u003e\n\n## Features\n\n- 🕵️ Smart Discovery Tricks\n  - Use multiple search engines (`Google`, `Yahoo`, `Bing`, `DuckDuckGo`, etc.)\n  - Integrate with APIs like `Shodan`, `Censys`, `VirusTotal` and more\n  - Perform zone transfer checks\n  - Subdomain brute-forcing with optimized wordlists\n- 🔍 Resolve IP addresses for all subdomains\n- 📎 Export reports in `CSV`, `HTML`, `JSON`, or `TXT` formats\n- 🛠️ Configurable\n  - Customize HTTP requests (user-agent, timeout, etc.)\n  - Rotate requests via proxies (`--proxy` argument)\n  - Fine-tune IP resolver with `--resolver` arguments\n  - Filter and run specific modules with `--skips` and `--modules`\n- 🐳 Docker Friendly\n  - Native support for `amd64` and `arm64` Linux platforms\n  - A tiny container that won't eat up your storage — under 1GB and ready to roll 🚀\n- 💻 Compatible with multiple platforms and easy to install as a single binary\n\n\u003c!-- markdownlint-enable MD007 --\u003e\n\n## Install\n\n🦀 Install the `subscan` tool using Cargo, Rust's package manager. Make sure you have [Rust](https://www.rust-lang.org/) installed on your system. Then, run\n\n```bash\n~$ cargo install subscan\n```\n\n## Usage\n\n✨ Here's a quick overview of how to use it\n\n```bash\n~$ subscan\n            _\n           | |\n  ___ _   _| |__  ___  ___ __ _ _ __\n / __| | | | '_ \\/ __|/ __/ _` | '_ \\\n \\__ \\ |_| | |_) \\__ \\ (_| (_| | | | |\n |___/\\__,_|_.__/|___/\\___\\__,_|_| |_|\n\n\nUsage: subscan [OPTIONS] \u003cCOMMAND\u003e\n\nCommands:\n  scan    Start scan on any domain address\n  brute   Start brute force attack with a given wordlist\n  module  Subcommand to manage implemented modules\n  help    Print this message or the help of the given subcommand(s)\n\nOptions:\n  -v, --verbose...  Increase logging verbosity\n  -q, --quiet...    Decrease logging verbosity\n  -h, --help        Print help (see more with '--help')\n  -V, --version     Print version\n```\n\n### Start Scan\n\nTo scan a domain using all available modules, use the following command\n\n```bash\n~$ subscan scan -d example.com\n```\n\nYou can also choose specific modules to run or skip using the `--skips` and `--modules` arguments. Module names should be provided as a comma-separated list\n\n```bash\n~$ # skip the commoncrawl and google modules during the scan\n~$ subscan scan -d example.com --skips=commoncrawl,google\n```\n\n```bash\n~$ # run only the virustotal module\n~$ subscan scan -d example.com --modules=virustotal\n```\n\n\u003e [!NOTE]\n\u003e If a module is included in both the `--skips` and `--modules` arguments, it will be skipped and not executed\n\n### Brute Force\n\nUse the `brute` command to start a brute force attack with a specific wordlist\n\n```bash\n~$ subscan brute -d example.com --wordlist file.txt\n```\n\n## Environments\n\nAll environments are managed by the `.env` file. Subscan can read your environments from this `.env` file. You can refer to the `.env.template` file to see how to create them\n\n\u003e [!TIP]\n\u003e Also you can specify your environments from shell\n\u003e\n\u003e ```bash\n\u003e SUBSCAN_VIRUSTOTAL_APIKEY=foo subscan scan -d foo.com --modules=virustotal\n\u003e ```\n\n\u003c!-- markdownlint-disable MD033 MD041 --\u003e\n\u003cdiv align=\"center\"\u003e\n\n| Name                           | Required | Description |\n| :----------------------------- | :------: | :---------: |\n| `SUBSCAN_CHROME_PATH`          | `false`  | Specify your Chrome executable. If not specified, the Chrome binary will be fetched automatically by \u003ca href=\"https://github.com/rust-headless-chrome/rust-headless-chrome/\"\u003eheadless_chrome\u003ca/\u003e based on your system architecture |\n| `SUBSCAN_\u003cMODULE_NAME\u003e_HOST` | `false`  | Some API integration modules can provide user specific host, for these cases, set module specific host |\n| `SUBSCAN_\u003cMODULE_NAME\u003e_APIKEY` | `false`  | Some modules may include API integration and require an API key for authentication. Set the API key in these cases |\n| `SUBSCAN_\u003cMODULE_NAME\u003e_USERNAME` | `false`  | Set the username for a module if it uses HTTP basic authentication |\n| `SUBSCAN_\u003cMODULE_NAME\u003e_PASSWORD` | `false`  | Set the password for a module if it uses HTTP basic authentication |\n\n\u003c/div\u003e\n\u003c!-- markdownlint-enable MD033 MD041 --\u003e\n\n## Docker\n\n🐳 For containerized usage, you can pull the `eredotpkfr/subscan` Docker image directly from [Docker Hub](https://hub.docker.com/)\n\n```bash\n~$ docker pull eredotpkfr/subscan:latest\n```\n\nAfter pulling the pre-built image, you can easily run the container to perform subdomain enumeration\n\n```bash\n~$ docker run -it --rm eredotpkfr/subscan scan -d example.com\n```\n\nSpecify environment variable via docker `--env`\n\n```bash\n~$ docker run -it --rm \\\n    --env SUBSCAN_VIRUSTOTAL_APIKEY=foo \\\n    eredotpkfr/subscan scan -d example.com --modules=virustotal\n```\n\nSaving output reports to host machine, use `/data` folder\n\n```bash\n~$ docker run -it --rm \\\n    --volume=\"$PWD/data:/data\" \\\n    eredotpkfr/subscan scan -d example.com\n```\n\nTo specify wordlist into docker container, use `/data` folder\n\n```bash\n~$ docker run -it --rm \\\n    --volume=\"$PWD/wordlist.txt:/data/wordlist.txt\" \\\n    eredotpkfr/subscan brute -d example.com \\\n    -w wordlist.txt --print\n```\n\n## Development\n\n📚 You can find all the resources and documentation for developing Subscan in the [Development](https://www.erdoganyoksul.com/subscan/development/index.html) chapter of the project's book page\n\n## Credits\n\n🙏 Parts of the codebase are inspired by\n\n- [subfinder](https://github.com/projectdiscovery/subfinder) - Fast passive subdomain enumeration tool\n- [Sublist3r](https://github.com/aboul3la/Sublist3r) - Fast subdomains enumeration tool for penetration testers\n- [subbrute](https://github.com/TheRook/subbrute) - A DNS meta-query spider that enumerates DNS records, and subdomains\n- [knock](https://github.com/guelfoweb/knock) - Knock subdomain scan\n- [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS enumeration script\n\n## Contributing\n\n📢 All contributors are welcome! Whether you're fixing bugs, adding new features, improving documentation, or sharing ideas, your contributions are highly valued and appreciated\n\nTo get started, please check out the [CONTRIBUTING.md](https://github.com/eredotpkfr/subscan/blob/main/.github/CONTRIBUTING.md) file\n\n## Donate\n\u003c!-- markdownlint-disable MD033 MD041 --\u003e\n\u003ca href=\"https://www.buymeacoffee.com/eredotpkfr\" target=\"_blank\"\u003e\u003cimg src=\"https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png\" alt=\"Buy Me A Coffee\" style=\"height: 50px\" \u003e\u003c/a\u003e\n\u003c!-- markdownlint-enable MD033 MD041 --\u003e\n\n## Contact\n\u003c!-- markdownlint-disable MD033 MD041 --\u003e\nBlog - [erdoganyoksul.com](https://www.erdoganyoksul.com)\u003cbr\u003e\nMail - \u003cerdoganyoksul3@gmail.com\u003e\n\u003c!-- markdownlint-enable MD033 MD041 --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feredotpkfr%2Fsubscan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feredotpkfr%2Fsubscan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feredotpkfr%2Fsubscan/lists"}