This is a Python script that scans for subdomains of a target website using a wordlist of domain names.
The Subdomain Scanner is a simple Python script that takes a target URL and a wordlist of domain names as input. It then appends each word in the wordlist to the target URL to create potential subdomains and sends HTTP requests to check if these subdomains are valid. If a subdomain responds with a successful HTTP status code (2xx), it is considered a discovered subdomain, and its details are printed to the console.
- Python 3.x
- requests library (can be installed using
pip install requests
)
To run the Subdomain Scanner, use the following command format:
python3 subdomain_crawler.py -u <target_url> -w <wordlist_file>
- The Subdomain Scanner supports the following options:
-u, --url
: (required) Specifies the target URL of the website for subdomain scanning.-w, --wordlist
: (required) Specifies the wordlist file in .txt format containing domain names for subdomain generation.-t, --thread
: (optional) Specifies the number of thread to work with.
-
To scan for subdomains of the target website
example.com
using the wordlistwordlist.txt
, run the following command:python3 subdomain_crawler.py -u example.com -w wordlist.txt
-
The script will then scan the subdomains and display discovered subdomains with their corresponding status codes and response times. The results will also be saved in the specified output file.
-
Wordlist-Based Subdomain Generation: The script takes a user-provided wordlist containing domain names and appends each word to the target URL, creating potential subdomains to scan.
-
HTTP Request Validation: The Subdomain Scanner sends HTTP requests to the generated subdomains and validates their responsiveness. If a subdomain responds with a successful HTTP status code (2xx), it is considered a discovered subdomain.
-
Real-Time Display: During the scanning process, the script displays real-time updates, showing each discovered subdomain along with its status code and response time.
Note: If you want to see only the successes, since you used sys.stderr
to write the x
and .
characters, invoke the script and redirect stderr
to /dev/null
so that only files you found are displayed on the console
python3 subdomain_crawler.py -u <target_url> -w <wordlist> 2> /dev/null
- Please ensure that you have proper authorization to scan and test the target website. Unauthorized scanning of websites or systems is illegal and unethical. Always obtain explicit permission from the website owner before performing any security assessments.
- For legal and responsible use of this script, it is recommended to target websites you own or have explicit permission to test for security vulnerabilities
v1.1.0 - 16/6/2024
:- adding threads functionality so the script can run much more faster and efficiency
- control the number of thread using
-t
or--thread
option(default=7)