Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cosad3s/subscout

All-in-one subdomains scout tool Docker image
https://github.com/cosad3s/subscout

enumeration osint subdomain

Last synced: 12 days ago
JSON representation

All-in-one subdomains scout tool Docker image

Host: GitHub
URL: https://github.com/cosad3s/subscout
Owner: cosad3s
License: gpl-2.0
Created: 2023-02-23T22:32:21.000Z (almost 2 years ago)
Default Branch: main
Last Pushed: 2024-02-29T10:50:54.000Z (10 months ago)
Last Synced: 2024-12-09T18:55:52.131Z (20 days ago)
Topics: enumeration, osint, subdomain
Language: Shell
Homepage:
Size: 52.7 KB
Stars: 6
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Subscout

**All-in-one subdomains passive scout tool Docker image.**
*No tool is perfect. Several subdomain finders exists and some of them are combined in this single Docker image to give one sorted output.*

## Requirements

- Docker

## Usage

```bash
┌─┐┬ ┬┌┐ ┌─┐┌─┐┌─┐┬ ┬┌┬┐
└─┐│ │├┴┐└─┐│ │ ││ │ │
└─┘└─┘└─┘└─┘└─┘└─┘└─┘ ┴

Usage of subscout by cosad3s.

-d Domain(s) to scout (separated by comma).
-f Force subscout Docker image to be rebuilt.
-h --Displays this help message. No further functions are performed.
```

**Example**

```bash
sudo ./subscout.sh -d example.org
```

*All results will be in the `output/example.org` folder*

## What's included ?

- [amass v3.23.3](https://github.com/OWASP/Amass):
- Powered by:
- APIs: *360PassiveDNS, Ahrefs, AnubisDB, BeVigil, BinaryEdge, BufferOver, BuiltWith, C99, Chaos, CIRCL, Cloudflare, DNSDB, DNSRepo, Deepinfo, Detectify, FOFA, FullHunt, GitHub, GitLab, Greynoise, HackerTarget, Hunter, IntelX, LeakIX, Maltiverse, Mnemonic, Netlas, Pastebin, PassiveTotal, PentestTools, Pulsedive, Quake, SOCRadar, Searchcode, Shodan, SonarSearch, Spamhaus, Sublist3rAPI, ThreatBook, ThreatCrowd, ThreatMiner, URLScan, VirusTotal, Yandex, ZETAlytics, ZoomEye*
- Certificates: *Active pulls (optional), Censys, CertCentral, CertSpotter, Crtsh, Digitorus, FacebookCT, GoogleCT*
- DNS: *Brute forcing, Reverse DNS sweeping, NSEC zone walking, Zone transfers, FQDN alterations/permutations, FQDN Similarity-based Guessing*
- Routing: *ASNLookup, BGPTools, BGPView, BigDataCloud, IPdata, IPinfo, RADb, Robtex, ShadowServer, TeamCymru*
- Scraping: *AbuseIPDB, Ask, Baidu, Bing, DNSDumpster, DNSHistory, DNSSpy, DuckDuckGo, Gists, Google, HackerOne, HyperStat, PKey, RapidDNS, Riddler, Searx, SiteDossier, Synapsint, Yahoo*
- Web Archives: *ArchiveIt, Arquivo, CommonCrawl, HAW, PublicWWW, UKWebArchive, Wayback*
- WHOIS: *AlienVault, AskDNS, DNSlytics, ONYPHE, SecurityTrails, SpyOnWeb, Umbrella, WhoisXMLAPI*
- **Set with:** *360PassiveDNS,ASNLookup,AbuseIPDB,Ahrefs,ArchiveIt,Arquivo,Ask,BGPTools,BGPView,Baidu,BigDataCloud,Bing,CIRCL,CertCentral,Cloudflare,DNSHistory,DNSSpy,DNSlytics,Deepinfo,Detectify,DuckDuckGo,FOFA,Gists,GitLab,Google,GoogleCT,Greynoise,HAW,HackerOne,HyperStat,IPdata,IPinfo,Maltiverse,Mnemonic,PKey,Pastebin,PentestTools,PublicWWW,Pulsedive,RADb,SOCRadar,Searchcode,Searx,ShadowServer,SonarSearch,Spamhaus,SpyOnWeb,Sublist3rAPI,Synapsint,TeamCymru,ThreatMiner,UKWebArchive,URLScan,Umbrella,Yahoo,Yandex,ZETAlytics*
- [subfinder](https://github.com/projectdiscovery/subfinder):
- Powered by: *AlienVault, AnubisDB, BeVigil, BinaryEdge, BufferOver, BuiltWith, C99, Censys, CertSpotter, Chaos, Chinaz, CommonCrawl, Digitorus, DnsDB, dnsdumpster, dnsrepo, FullHunt, Intelx, hackertarget, Hunter, LeakIX, PassiveTotal, quake, Netlas, RedHunt Labs, Robtex, SecurityTrails, Shodan, ThreatBook, VirusTotal, WhoisXML API, ZoomEye, ZoomEye API*
- **Set with:** *AlienVault, AnubisDB, BeVigil, BinaryEdge, BufferOver, BuiltWith, c99, CertSpotter, CommonCrawl, crtsh, Digitorus, dnsdumpster, FullHunt, GitHub, hackertarget, IntelX, LeakIX, Netlas, RapidDNS, Riddler, RedHunt Labs, Sitedossier, SecurityTrails, Shodan, VirusTotal, Wayback, ZoomEye API*
- [puncia](https://github.com/ARPSyndicate/puncia):
- **Powered by:** [SubdomainCenter](https://www.subdomain.center/)
- [fofax](https://github.com/xiecat/fofax):
- **Powered by**: Fofa
- [cero](https://github.com/glebarez/cero): to get domain names from certificates.

## Configuration

Add your credentials in `config/amass-config.ini` file if necessary for better result.
Use the file `config/amass-config-example.ini` as an example.

Add your credentials in `config/subfinder-config.yaml` file if necessary for better result.
Use the file `config/subfinder-config-example.yaml` as an example.

Add your FOFA credentials in `config/fofax-config.yaml` file if necessary for better result.
Use the file `config/fofax-config-example.yaml` as an example.