使用Golang编写的子域名检测程序,特点就是快、快、快。
扫描速度依赖于网络环境。1Mb带宽,200个goroutine,稳定1700左右/s的扫描速度。
默认为谷歌的DNS服务器,可自行配置其它DNS。
go get github.com/miekg/dns
go get github.com/hashicorp/go-multierror
go get github.com/fengdingbo/subdomain-scanner
cd $GOPATH/src/github.com/fengdingbo/subdomain-scanner/
make
./subdomain-scanner -h
Download compiled binaries from releases
Usage of ./subdomain-scanner -h
-axfr
DNS Zone Transfer Protocol (AXFR) of RFC 5936 (default true)
-d string
The target Domain
-depth int
Scan sub domain depth. range[>=1] (default 1)
-dns string
DNS global server (default "8.8.8.8/8.8.4.4")
-f string
File contains new line delimited subs (default "dict/subnames_full.txt")
-fw
Force scan with wildcard domain (default true)
-h Show this help message and exit
-l string
The target Domain in file
-o string
Output file to write results to (defaults to ./log/{target}).txt
-t int
Num of scan threads (default 200)
$./subdomain-scanner -d qq.com
=============================================
subdomain-scanner v0.4#dev
=============================================
[+] Threads : 200
[+] Domain : qq.com
[+] Dict : dict/subnames_full.txt
[+] Depth : 1
[+] Help : false
[+] Log : log/qq.com.txt
[+] DNSServer : 8.8.8.8/8.8.4.4
[+] WildcardDomain : true
[+] AXFC : true
[+] ScanDomainList : [qq.com]
=============================================
2018/12/10 00:05:05 [+] Validate DNS servers...
2018/12/10 00:05:05 [+] Found DNS Server 8.8.8.8/8.8.4.4
2018/12/10 00:05:05 [+] Validate AXFR of DNS zone transfer
2018/12/10 00:05:08 Starting
2018/12/10 00:05:52 All Done. 2146 found, 1744.6328/s, 76120 scanned in 43.63 seconds
2018/12/10 00:05:52 The output result file is log/qq.com.txt
- [2018-12-03]
- 更好的参数调用提示
- [2018-12-01]
- 支持DNS域传送
- 泛域名识别+扫描(泛域名得到的ip加入黑名单,继续爆破非黑名单ip)
- [2018-11-30]
- 重构并发逻辑
- go官方的net包,不够完善,好多RFC都不支持,比如RFC 4592,所以使用了一个第三方包来做dns解析,提升扫描效率。
- [2018-11-27]
- Demo雏形
- 可选dns服务器
- 自定义字典
- 并发扫描
- 泛域名识别+扫描(泛域名得到的ip加入黑名单,继续爆破非黑名单ip)
- 支持DNS域传送
- 从文件中获取需要检测的域名
- 支持DNS AAAA,ipv6检测
- 深度扫描(多级子域名检测)
- 自定义导出格式、计划支持txt、json等
- 更友好的参数调用提示
- 支持api接口调用
https://github.com/OJ/gobuster