{"id":30907135,"url":"https://github.com/itszeeshan/subdomainx","last_synced_at":"2025-09-09T12:09:04.902Z","repository":{"id":311287952,"uuid":"761392266","full_name":"itszeeshan/subdomainx","owner":"itszeeshan","description":"all-in-one subdomain enumeration and reconnaissance tool designed for modern cybersecurity professionals, penetration testers, and security researchers.","archived":false,"fork":false,"pushed_at":"2025-09-04T19:16:47.000Z","size":21801,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-04T21:22:45.188Z","etag":null,"topics":["amass","assetfinder","bug-bounty","cybersecurity","dnsrecon","findomain","hacking","httpx","infosec","nmap","offensive-security","osint","penetration-testing","port-scanning","reconnaissance","red-team","security","security-tools","subdomain-discovery","subfinder"],"latest_commit_sha":null,"homepage":"https://subdomainx.vercel.app","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/itszeeshan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-02-21T19:32:46.000Z","updated_at":"2025-09-04T19:16:51.000Z","dependencies_parsed_at":"2025-08-24T00:32:29.050Z","dependency_job_id":null,"html_url":"https://github.com/itszeeshan/subdomainx","commit_stats":null,"previous_names":["itszeeshan/subdomainx"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/itszeeshan/subdomainx","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itszeeshan%2Fsubdomainx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itszeeshan%2Fsubdomainx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itszeeshan%2Fsubdomainx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itszeeshan%2Fsubdomainx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/itszeeshan","download_url":"https://codeload.github.com/itszeeshan/subdomainx/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itszeeshan%2Fsubdomainx/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274292948,"owners_count":25258173,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-09T02:00:10.223Z","response_time":80,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amass","assetfinder","bug-bounty","cybersecurity","dnsrecon","findomain","hacking","httpx","infosec","nmap","offensive-security","osint","penetration-testing","port-scanning","reconnaissance","red-team","security","security-tools","subdomain-discovery","subfinder"],"created_at":"2025-09-09T12:08:59.271Z","updated_at":"2025-09-09T12:09:04.891Z","avatar_url":"https://github.com/itszeeshan.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\r\n \u003cimg src=\"docs/public/logo.png\" alt=\"SubdomainX Logo\" width=\"200\"/\u003e\r\n \u003ch1\u003eSubdomainX\u003c/h1\u003e\r\n \u003cp\u003e\u003cstrong\u003eAdvanced Subdomain Discovery \u0026 Security Reconnaissance Tool\u003c/strong\u003e\u003c/p\u003e\r\n\u003c/div\u003e\r\n\r\n\u003cdiv align=\"center\"\u003e\r\n\r\n[![Go Version](https://img.shields.io/badge/Go-1.21+-blue.svg)](https://golang.org)\r\n[![License](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)\r\n[![Go Report Card](https://goreportcard.com/badge/github.com/itszeeshan/subdomainx)](https://goreportcard.com/report/github.com/itszeeshan/subdomainx)\r\n[![Go Reference](https://pkg.go.dev/badge/github.com/itszeeshan/subdomainx.svg)](https://pkg.go.dev/github.com/itszeeshan/subdomainx)\r\n[![GitHub release](https://img.shields.io/github/release/itszeeshan/subdomainx.svg)](https://github.com/itszeeshan/subdomainx/releases)\r\n[![GitHub stars](https://img.shields.io/github/stars/itszeeshan/subdomainx.svg)](https://github.com/itszeeshan/subdomainx/stargazers)\r\n[![GitHub forks](https://img.shields.io/github/forks/itszeeshan/subdomainx.svg)](https://github.com/itszeeshan/subdomainx/network)\r\n[![GitHub issues](https://img.shields.io/github/issues/itszeeshan/subdomainx.svg)](https://github.com/itszeeshan/subdomainx/issues)\r\n[![GitHub pull requests](https://img.shields.io/github/issues-pr/itszeeshan/subdomainx.svg)](https://github.com/itszeeshan/subdomainx/pulls)\r\n[![CI/CD](https://img.shields.io/github/actions/workflow/status/itszeeshan/subdomainx/ci.yml?branch=main)](https://github.com/itszeeshan/subdomainx/actions)\r\n[![Code Coverage](https://img.shields.io/badge/coverage-85%25-brightgreen.svg)](https://github.com/itszeeshan/subdomainx)\r\n\r\n\u003c/div\u003e\r\n\r\n---\r\n\r\n**SubdomainX** is a powerful, all-in-one subdomain enumeration and reconnaissance tool designed for modern cybersecurity professionals, penetration testers, and security researchers.\r\n\r\n### Why Choose SubdomainX?\r\n\r\n- **All-in-One Solution**: Combines 12+ popular enumeration tools into a single, unified interface\r\n- **High Performance**: Multi-threaded architecture with intelligent resource management\r\n- **API Integration**: Native integration with SecurityTrails, VirusTotal, Censys, and more\r\n- **Advanced Reporting**: Beautiful HTML reports, JSON exports, and real-time progress tracking\r\n- **Resume Capability**: Never lose progress with intelligent checkpointing system\r\n- **Smart Optimization**: Built-in resource monitoring and performance recommendations\r\n- **Production Ready**: Comprehensive error handling, logging, and validation\r\n\r\n### Perfect For:\r\n\r\n- **Security Researchers** conducting comprehensive domain reconnaissance\r\n- **Penetration Testers** performing thorough attack surface analysis\r\n- **Bug Bounty Hunters** discovering hidden subdomains and assets\r\n- **Security Teams** monitoring their organization's digital footprint\r\n- **Red Teams** gathering intelligence for advanced persistent threats\r\n\r\n## Key Features\r\n\r\n### Intelligent Enumeration\r\n\r\n- **12+ Tools Integrated**: subfinder, amass, findomain, assetfinder, sublist3r, knockpy, dnsrecon, fierce, massdns, altdns, waybackurls, linkheader\r\n- **7+ API Services**: SecurityTrails, VirusTotal, Censys, crt.sh, URLScan.io, ThreatCrowd, HackerTarget\r\n- **Custom Wordlists**: Support for custom brute-forcing dictionaries\r\n- **Smart Filtering**: Advanced filtering and deduplication\r\n\r\n### HTTP \u0026 Port Scanning\r\n\r\n- **httpx Integration**: Comprehensive HTTP probing with status codes, headers, and technologies\r\n- **smap Integration**: Fast port scanning with service detection\r\n- **Customizable Filters**: Filter by status codes, ports, and response patterns\r\n\r\n### Advanced Monitoring\r\n\r\n- **Real-time Progress**: Live progress bars with ETA calculations\r\n- **Resource Management**: CPU and memory monitoring with optimization tips\r\n- **Checkpoint System**: Save and resume interrupted scans seamlessly\r\n- **Comprehensive Logging**: Detailed logs for debugging and analysis\r\n\r\n### Professional Reporting\r\n\r\n- **Multiple Formats**: JSON, TXT, HTML, CSV, and security tool formats\r\n- **Security Tool Integration**: Export to OWASP ZAP, Burp Suite, and Nessus formats\r\n- **Customizable Output**: Flexible naming and directory structure\r\n- **Rich Metadata**: Detailed scan information and statistics\r\n- **Export Ready**: Compatible with other security tools and platforms\r\n\r\n## Quick Start\r\n\r\n### Installation\r\n\r\n```bash\r\n# Install from source\r\ngo install github.com/itszeeshan/subdomainx@latest\r\n\r\n# Or download pre-built binary\r\ncurl -sSL https://github.com/itszeeshan/subdomainx/releases/latest/download/subdomainx_$(uname -s)_$(uname -m).tar.gz | tar -xz\r\nsudo mv subdomainx /usr/local/bin/\r\n```\r\n\r\n### Basic Usage\r\n\r\n**Single Domain Enumeration:**\r\n\r\n```bash\r\nsubdomainx --subfinder --httpx example.com\r\n```\r\n\r\n**Multiple Domains:**\r\n\r\n```bash\r\necho \"example.com\" \u003e domains.txt\r\nsubdomainx --wildcard domains.txt --format html\r\n```\r\n\r\n**Security Tool Integration:**\r\n\r\n```bash\r\n# Export to OWASP ZAP format\r\nsubdomainx --subfinder --httpx --format zap example.com\r\n\r\n# Export to Burp Suite format\r\nsubdomainx --subfinder --httpx --format burp example.com\r\n\r\n# Export to Nessus format\r\nsubdomainx --subfinder --httpx --format nessus example.com\r\n\r\n# Export to CSV for spreadsheet analysis\r\nsubdomainx --subfinder --httpx --format csv example.com\r\n```\r\n\r\n**API-Powered Discovery:**\r\n\r\n```bash\r\n# Set API keys\r\nexport SECURITYTRAILS_API_KEY=\"your_key\"\r\nexport VIRUSTOTAL_API_KEY=\"your_key\"\r\nexport CENSYS_API_ID=\"your_id\"\r\nexport CENSYS_SECRET=\"your_secret\"\r\nexport URLSCAN_API_KEY=\"your_key\"\r\nexport HACKERTARGET_API_KEY=\"your_key\"\r\n\r\n# Use APIs\r\nsubdomainx --securitytrails --virustotal --censys --crtsh --urlscan --threatcrowd --hackertarget example.com\r\n```\r\n\r\n**High-Performance Scan:**\r\n\r\n```bash\r\nsubdomainx --threads 20 --timeout 60 --subfinder --amass --max-http-targets 1000 example.com\r\n```\r\n\r\n**Resume Interrupted Scan:**\r\n\r\n```bash\r\n# Resume from checkpoint\r\nsubdomainx --resume my_scan\r\n```\r\n\r\n\u003e **Pro Tip**: Always place flags before the domain argument:\r\n\u003e\r\n\u003e ```bash\r\n\u003e subdomainx --tools domain.com # Correct\r\n\u003e subdomainx domain.com --tools # Incorrect\r\n\u003e ```\r\n\r\n## Supported Tools\r\n\r\n### Enumeration Tools\r\n\r\n| Tool | Description | Installation |\r\n| --------------- | ---------------------------------- | ------------------------------------------------------------------------------------------ |\r\n| **subfinder** | Fast subdomain discovery | `go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest` |\r\n| **amass** | In-depth subdomain enumeration | `go install -v github.com/owasp-amass/amass/v4/...@master` |\r\n| **findomain** | Fast subdomain finder | `curl -LO https://github.com/findomain/findomain/releases/latest/download/findomain-linux` |\r\n| **assetfinder** | Find subdomains and related assets | `go install github.com/tomnomnom/assetfinder@latest` |\r\n| **sublist3r** | Python-based subdomain enumeration | `pip install sublist3r` |\r\n| **knockpy** | Subdomain enumeration tool | `pip install knockpy` |\r\n| **dnsrecon** | DNS enumeration tool | `pip install dnsrecon` |\r\n| **fierce** | DNS reconnaissance tool | `pip install fierce` |\r\n| **massdns** | High-performance DNS resolver | `git clone https://github.com/blechschmidt/massdns.git` |\r\n| **altdns** | Subdomain permutation tool | `pip install altdns` |\r\n| **waybackurls** | Wayback Machine URL finder | `go install github.com/tomnomnom/waybackurls@latest` |\r\n| **linkheader** | HTTP Link header parser | Built-in |\r\n\r\n### API Services\r\n\r\n| Service | Description | API Key Required |\r\n| ------------------ | --------------------------- | ---------------- |\r\n| **SecurityTrails** | Historical DNS data | ✅ |\r\n| **VirusTotal** | Threat intelligence | ✅ |\r\n| **Censys** | Internet-wide scanning data | ✅ |\r\n| **crt.sh** | Certificate Transparency | ❌ |\r\n| **URLScan.io** | Web scanning service | ✅ (optional) |\r\n| **ThreatCrowd** | Threat intelligence | ❌ |\r\n| **HackerTarget** | Security research platform | ✅ (optional) |\r\n\r\n### Scanning Tools\r\n\r\n| Tool | Description | Installation |\r\n| --------- | --------------- | ------------------------------------------------------------------ |\r\n| **httpx** | Fast HTTP probe | `go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest` |\r\n| **smap** | Port scanner | `go install github.com/s0md3v/smap/cmd/smap@latest` |\r\n\r\n## Documentation\r\n\r\n**[View Full Documentation](https://subdomainx.vercel.app)**\r\n\r\n- [Installation Guide](https://subdomainx.vercel.app/installation)\r\n- [CLI Reference](https://subdomainx.vercel.app/cli-reference)\r\n- [Examples \u0026 Use Cases](https://subdomainx.vercel.app/examples)\r\n- [Configuration](https://subdomainx.vercel.app/configuration)\r\n- [Supported Tools](https://subdomainx.vercel.app/supported-tools)\r\n\r\n## Advanced Examples\r\n\r\n### Comprehensive Reconnaissance\r\n\r\n```bash\r\n# Full enumeration with all tools\r\nsubdomainx --subfinder --amass --findomain --assetfinder --sublist3r \\\r\n --securitytrails --virustotal --censys \\\r\n --httpx --smap \\\r\n --format html --name comprehensive_scan example.com\r\n```\r\n\r\n### Targeted Enumeration\r\n\r\n```bash\r\n# Focus on specific tools for speed\r\nsubdomainx --subfinder --httpx --status-codes 200,301,302 \\\r\n --ports 80,443,8080,8443 --max-http-targets 500 example.com\r\n```\r\n\r\n### Custom Wordlist Brute Force\r\n\r\n```bash\r\n# Use custom wordlist for altdns\r\nsubdomainx --altdns --wordlist /path/to/custom_wordlist.txt example.com\r\n```\r\n\r\n### Resume and Monitor\r\n\r\n```bash\r\n# Start scan with monitoring\r\nsubdomainx --verbose --subfinder --amass --max-http-targets 1000 example.com\r\n\r\n# Later resume if interrupted\r\nsubdomainx --resume example_com_scan\r\n```\r\n\r\n## Contributing\r\n\r\nWe welcome contributions! Here's how you can help:\r\n\r\n1. **Report Bugs**: [Create an issue](https://github.com/itszeeshan/subdomainx/issues)\r\n2. **Suggest Features**: [Start a discussion](https://github.com/itszeeshan/subdomainx/discussions)\r\n3. **Submit PRs**: Fork the repo and submit pull requests\r\n4. **Improve Docs**: Help us make the documentation better\r\n5. **Star the Repo**: Show your support!\r\n\r\n### Development Setup\r\n\r\n```bash\r\ngit clone https://github.com/itszeeshan/subdomainx.git\r\ncd subdomainx\r\ngo mod download\r\ngo build -o subdomainx .\r\n```\r\n\r\n## License\r\n\r\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\r\n\r\n## Disclaimer\r\n\r\n**SubdomainX is designed for authorized security testing and research purposes only.**\r\n\r\n- Always ensure you have proper authorization before scanning any domain\r\n- Respect rate limits and terms of service of target systems\r\n- Use responsibly and ethically\r\n- The authors are not responsible for any misuse of this tool\r\n\r\n## Acknowledgments\r\n\r\n- All the amazing open-source tools that make SubdomainX possible\r\n- The security community for continuous feedback and improvements\r\n- Contributors and users who help make this tool better\r\n\r\n---\r\n\r\n\u003cdiv align=\"center\"\u003e\r\n \u003cp\u003e\u003cstrong\u003eHappy Hunting! 🎯\u003c/strong\u003e\u003c/p\u003e\r\n \u003cp\u003eMade with ❤️ by Zeeshan\u003c/p\u003e\r\n\u003c/div\u003e\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fitszeeshan%2Fsubdomainx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fitszeeshan%2Fsubdomainx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fitszeeshan%2Fsubdomainx/lists"}