-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathsubd0my.py
78 lines (61 loc) · 1.97 KB
/
subd0my.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# standard library modules
import sys
import argparse
# external modules
import requests
from colorama import Fore
banner = """
_ _ ___
___ _ _| |__ __| |/ _ \ _ __ ___ _ _
/ __| | | | '_ \ / _` | | | | '_ ` _ \| | | |
\__ \ |_| | |_) | (_| | |_| | | | | | | |_| |
|___/\__,_|_.__/ \__,_|\___/|_| |_| |_|\__, |
|___/
"""
print(Fore.GREEN + banner+"\n")
def main():
# Parser to parse the arguemnts from the command line
parser = argparse.ArgumentParser(
epilog="\tExample: \r\npython3 "
+ sys.argv[0]
+ " -d google.com -w wordlist.txt -o output.txt"
)
# Arguments
parser.add_argument(
"-d", dest="domain", help="Domain name to scan for subdomains",
required=True,
)
parser.add_argument(
"-w", dest="wordlist", help="Wordlist of subdomains", required=True
)
parser.add_argument(
"-o", dest="output", help="Filename for the output file", required=True
)
args = parser.parse_args()
print(f"[+] Target: {args.domain}")
print("[+] Discovered subdomains: \n")
file = open(args.wordlist) # path to file
# read all content
content = file.read()
# split by new lines
subdomains = content.splitlines()
# brute forcing the sub doms
for subdomain in subdomains:
# construct the url
url = f"http://{subdomain}.{args.domain}"
try:
# if this raises an ERROR, that means the subdomain does not exist
requests.get(url)
except requests.ConnectionError:
# if the subdomain does not exist, just pass, print nothing
pass
else:
print(url)
# create a new text file
text_file = open(args.output, "a")
# write to the file
text_file.write(url + "\n")
if __name__ == "__main__":
main()