How to use it???

Question

How to use it???

62040132 opened this issue 3 years ago · 3 comments

62040132 commented 3 years ago

nisha@Nishant:/mnt/c/Users/nisha/Downloads/skanuvaty-master$ skanuvaty --target google.com --dns-resolver 10.64.0.1:53 --concurrency 16 --subdomains-file dns.txt
######################
### Target: "google.com"
### DNS resolver: 10.64.0.1:53
### Concurrency: 16
### Subdomains File: "dns.txt"
### Output File: "./skanuvaty.output.json"
### Verbose: false
######################
⠁ [00:00:00] [==============================] 0/0 (0s) (Found: )
######################
### Found subdomains: 0
  [00:00:00] [==============================] 0/0 (0s) (Found: 0)
Domain didn't have any addresses
RootDomain {
    name: "google.com",
    subdomains: [],
    addresses: [],
}

Add a proper guide please.

Answer 1 · 2022-05-09T11:16:21.000Z

This is a subdomain enumeration tool.
You need a text file, dns.txt, as per guides which contains list of words that are possibly subdomains and provide it to the command.

For eg:

And run the command with:

skanuvaty --target google.com --dns-resolver 1.1.1.1:53 --concurrency 16 --subdomains-file dns.txt

The result would be like this

######################
### Target: "google.com"
### DNS resolver: 1.1.1.1:53
### Concurrency: 16
### Subdomains File: "dns.txt"
### Output File: "./skanuvaty.output.json"
### Verbose: false
######################
⠙ [00:00:00] [==========================>   ] 8/9 (0s) (Found: 3)
######################
### Found subdomains: 4
  [00:00:00] [==============================] 9/9 (0s) (Found: 4)
RootDomain {
    name: "google.com",
    subdomains: [
        Subdomain {
            name: "blog.google.com",
            addresses: [
                Address {
                    ip: 142.250.71.41,
                },
            ],
        },
        Subdomain {
            name: "mail.google.com",
            addresses: [
                Address {
                    ip: 216.58.196.165,
                },
            ],
        },
        Subdomain {
            name: "docs.google.com",
            addresses: [
                Address {
                    ip: 142.250.205.238,
                },
            ],
        },
        Subdomain {
            name: "chat.google.com",
            addresses: [
                Address {
                    ip: 142.250.193.110,
                },
            ],
        },
    ],
    addresses: [
        Address {
            ip: 142.250.182.14,
        },
    ],
}

I hope this makes it more clear. :)

For fun, you can use the subdomain wordlist from sublist3r, all credits to sublist3r team.
It is available here:
https://raw.githubusercontent.com/aboul3la/Sublist3r/master/subbrute/names.txt

Save it as name.txt. Then the command would be:

skanuvaty --target google.com --dns-resolver 1.1.1.1:53 --concurrency 16 --subdomains-file names.txt

Have fun! :)

Answer 2 · 2022-05-17T17:19:47.000Z

Thanks man ❤️. This guide made it easier to understand. It will help others also :)

Answer 3 · 2023-07-22T20:48:19.000Z

I'd love to help write a usage guide to merge with README. Regarding long-term use, besides keeping the executable in ~/Downloads/, where would you put this? /usr/local/bin? Regarding usage, what are the dependencies? It's not clear from the README. Thanks!