Subdomain Enumeration Scanner is a cloud-first microservices tool designed to help you discover all the subdomains associated with a specific domain.
This tool provides a way to gather valuable information that can be used for security testing, or just gaining insights into a target domain's online presence.
The user initiates a POST request containing the target domain. Upon receiving the request, the handler parses and deserializes the payload into a local data structure. This data structure is then passed to a scan method responsible for identifying subdomains related to the given domain.

- Subdomain Discovery:
  - The arguments are passed to `apiQuerySvc`, `aiBruteSvc`, and `bruteSvc`, each of which returns a list of subdomains. These lists are combined into a single result.
- DNS Resolution:
  - The combined subdomain list is passed to `dnsResolveSvc`, which resolves the subdomains into their corresponding DNS addresses.
- Port Scanning:
  - Each subdomain is scanned for open ports.
- Response Construction:
  - The final list, including subdomains and their open ports, is sent back as a response to the `frontend`.

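
The lists returned by the discovery services come from external APIs and an LLM, so the combine step is a natural place to normalize names and drop anything outside the submitted domain before it reaches DNS resolution and port scanning. The following Go code is an added example, not code from this project; `normalize` and `mergeInScope` are hypothetical names and the sample input is constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// One DNS host label: letters, digits, hyphens; no leading or trailing hyphen.
var labelRe = regexp.MustCompile(`^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$`)

// normalize lower-cases a name, strips the trailing dot and validates host-name syntax.
func normalize(host string) (string, error) {
	h := strings.TrimSuffix(strings.ToLower(strings.TrimSpace(host)), ".")
	if len(h) > 253 || !strings.Contains(h, ".") {
		return "", fmt.Errorf("invalid host name %q", host)
	}
	for _, label := range strings.Split(h, ".") {
		if !labelRe.MatchString(label) {
			return "", fmt.Errorf("invalid label in %q", host)
		}
	}
	return h, nil
}

// mergeInScope combines candidate lists (hypothetical stand-ins for the three
// discovery services' results) and drops invalid, duplicate and out-of-scope names.
func mergeInScope(target string, sources ...[]string) ([]string, error) {
	root, err := normalize(target)
	if err != nil {
		return nil, err
	}
	seen, out := map[string]bool{}, []string{}
	for _, src := range sources {
		for _, cand := range src {
			h, err := normalize(cand)
			// The leading dot keeps "evilexample.com" out of scope for "example.com".
			if err == nil && strings.HasSuffix(h, "."+root) && !seen[h] {
				seen[h] = true
				out = append(out, h)
			}
		}
	}
	sort.Strings(out)
	return out, nil
}

func main() { fmt.Println(mergeInScope("example.com", []string{"WWW.example.com.", "evilexample.com"})) }
```

Wildcard entries and labels containing underscores are rejected by the host-name check, so only resolvable host names under the target are passed on.
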
Service | Language | Description |
---|---|---|
frontend | Go | Exposes an HTTP server to serve the website. |
apiqueryservice | TypeScript | Queries an external API to get associated subdomains |
bruteservice | Rust | Uses the brute force methodology of finding subdomains |
dnsresolveservice | Java | Responsible for resolving domain names to their IP addresses |
portscanservice | Rust | Responsible for scanning subdomains for open ports |
aibruteservice | Python | Leverages Gen AI for finding subdomains by brute force using semantic understanding of the target domain |

Technologies | Uses |
---|---|
Kubernetes | Container orchestration system for managing containers |
Docker | A tool for packaging your application and its dependencies into an image that can be run as a container |
Helm | A dependency management tool for Kubernetes environments. |
GitHub Actions | Used for setting up CI/CD to improve development time. |
OpenTelemetry | A standard for telemetry data. |
Jaeger | Used for handling metrics that come from OpenTelemetry. |
Prometheus | Responsible for storing service insights in a time series format |
Google Gemini | A cutting-edge LLM to generate subdomains based on semantic understanding. |
gRPC | An RPC framework for service-to-service communication used in microservices. |
Protocol Buffer | A serialization format used by gRPC to exchange data over the HTTP 2.0 protocol. |
Fluent Bit | A log and metrics processor which serves as a cluster-level log collector agent. |
Elasticsearch | A logging backend. |
Kibana | A data visualization dashboard for Elasticsearch. |
AWS CDK | Used for AWS infrastructure stack provisioning |

Copyright 2024 Subdomain Enumeration Tool
Licensed under the Apache License.
See LICENSE.md for more information.
Truly grateful for your support 💖
Happy Hacking!