#Subdomain

Showing 42 of 42 repositories tagged #subdomain, ranked by stars

owasp-amass
owasp-amass
amass

In-depth attack surface mapping and asset discovery

Score
100
★ 14.8k ⑂ 2.1k +38/day
Go
shmilylty
shmilylty
OneForAll

OneForAll是一款功能强大的子域收集工具

Score
100
★ 9.9k ⑂ 1.4k +23/day
Python
six2dez
six2dez
reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Score
100
★ 7.8k ⑂ 1.2k +60/day
Shell
EdOverflow
EdOverflow
can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Score
0
★ 5.7k ⑂ 803 +1/day
Python
tobychui
tobychui
zoraxy

A general purpose HTTP reverse proxy and forwarding tool. Now written in Go!

Score
83
★ 5.3k ⑂ 310 +21/day
HTML
guelfoweb
guelfoweb
knockpy

Knock Subdomain Scan

Score
96
★ 4.2k ⑂ 882 +1/day
Python
d3mondev
d3mondev
puredns

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

Score
89
★ 2.2k ⑂ 191 +4/day
Go
haccer
haccer
subjack

DNS Takeover tool written in Go

Score
67
★ 2.1k ⑂ 350
Go
j3ssie
j3ssie
metabigor

OSINT tools and more but without API key

Score
93
★ 1.6k ⑂ 188 +30/day
Go
m3n0sd0n4ld
m3n0sd0n4ld
GooFuzz

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

Score
86
★ 1.6k ⑂ 158 +1/day
Shell
k8gege
k8gege
K8CScan

K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

Score
82
★ 1.3k ⑂ 330
Python
Ice3man543
Ice3man543
SubOver

A Powerful Subdomain Takeover Tool

Score
50
★ 966 ⑂ 198
Go
pwnesia
pwnesia
dnstake

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Score
33
★ 853 ⑂ 75 +1/day
Go
celrenheit
celrenheit
lion

Lion is a fast HTTP router for building modern scalable modular REST APIs in Go

Score
17
★ 740 ⑂ 31
Go
blark
blark
aiodnsbrute

Python 3.5+ DNS asynchronous brute force utility

Score
79
★ 674 ⑂ 118
Python
Cgboal
Cgboal
SonarSearch

A rapid API for the Project Sonar dataset

Score
75
★ 656 ⑂ 95 +1/day
Go
3nock
3nock
OTE

OSINT Template Engine

Score
71
★ 577 ⑂ 63
C
v4d1
v4d1
Dome

Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

Score
68
★ 541 ⑂ 75 +1/day
Python
is-a-software
is-a-software
is-a-software

Free .is-a.software subdomain for developers

Score
0
★ 484 ⑂ 116 +2/day
JavaScript
abint7
abint7
free-domains

Free subdomains for personal sites, open-source projects, and more.

Score
0
★ 477 ⑂ 55 +6/day
Stratus-Security
Stratus-Security
Subdominator

The Internets #1 Subdomain Takeover Tool

Score
54
★ 310 ⑂ 28
C#
trickest
trickest
mksub

Generate tens of thousands of subdomain combinations in a matter of seconds

Score
50
★ 276 ⑂ 27
Go
Pokymon
Pokymon
foo.ng

Free subdomains for everyone.

Score
100
★ 234 ⑂ 161
trickest
trickest
dsieve

Filter and enrich a list of subdomains by level

Score
46
★ 212 ⑂ 25
Go
Fundacio-i2CAT
Fundacio-i2CAT
InfoHound

InfoHound is an OSINT to extract a large amount of data given a web domain name.

Score
61
★ 162 ⑂ 17
Python
jimen0
jimen0
fdns

Concurrent Rapid7 FDNS dataset parser

Score
0
★ 93 ⑂ 15
Go
The404Hacking
The404Hacking
XsSCan

XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]

Score
43
★ 87 ⑂ 18
Python
enenumxela
enenumxela
subdomains.sh

A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.

Score
39
★ 79 ⑂ 12
Shell
eredotpkfr
eredotpkfr
subscan

⚡ A subdomain enumeration tool leveraging diverse techniques, designed for advanced pentesting operations

Score
0
★ 52 ⑂ 2
Rust
rix4uni
rix4uni
subdog

A powerful subdomain enumeration tool that aggregates data from multiple sources to create comprehensive lists of root subdomains.

Score
64
★ 50 ⑂ 11 +1/day
Go
Macmod
Macmod
STARS

A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios.

Score
25
★ 49 ⑂ 6
Python
hahwul
hahwul
ras-fuzzer

RAS(RAndom Subdomain) Fuzzer

Score
32
★ 43 ⑂ 15
Go
HunxByts
HunxByts
SubDump

a tool that functions to find subdomains of a website with the scanning method

Score
21
★ 42 ⑂ 9
Python
0xNayel
0xNayel
MonMon

Monitoring Monster (MonMon) is a monitoring tool for bug bounty hunters. It tracks changes across subdomains, HTTP endpoints, shell command output, and bug bounty program scopes. When something changes, you get alerted on Telegram, Discord and others.

Score
57
★ 42 ⑂ 8
TypeScript
BitTheByte
BitTheByte
Domainker

BugBounty Tool

Score
36
★ 40 ⑂ 17
Python
ph4ntonn
ph4ntonn
Behold3r

👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱

Score
18
★ 33 ⑂ 7
Python
HJ23
HJ23
Raptor

Passive subdomain enumeration tool with http-probe.

Score
11
★ 32 ⑂ 4
Python
Archive-Puma
Archive-Puma
Elliot

:bust_in_silhouette: A framework to automate the OSINT process at night

Score
14
★ 31 ⑂ 5
Go
kljunowsky
kljunowsky
HuntersEye

HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains. The primary goal is to streamline and expedite the process of monitoring newly registered subdomains and SSL certificates related to specified target domains.

Score
7
★ 21 ⑂ 2
Python
cyb3rzest
cyb3rzest
vasuki

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.

Score
29
★ 19 ⑂ 8
Shell
solo10010
solo10010
reconWTF

:boom: This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for Web Sites, portals, and Organizations.

Score
4
★ 12 ⑂ 6
Shell
NeverSpot
NeverSpot
sub4bug

This is automation tool which utilize 2 sub -domain finder and then sort out working sub-domain and finally scan for sub-doamin TAKEOVER.

Score
0
★ 11 ⑂ 1
Shell
Related Topics
#bugbounty#pentesting#recon#osint#penetration-testing#security#subdomain-enumeration#hacking#enumeration#bug-bounty#reconnaissance#dns

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly