Skip to content
/ SubEcho Public

A cross-platform subdomain enumeration and WAF detection tool written in Python.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

john-holt4/SubEcho

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
SubEcho
SubEcho
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
logo.png
logo.png
 
 
requirements.txt
requirements.txt
 
 
screenshot.png
screenshot.png
 
 

Repository files navigation

SubEcho: Cross-Platform Subdomain Enumeration & WAF Detection

SubEcho Logo

Overview

SubEcho is a cross-platform subdomain enumeration and WAF detection tool written in Python. It queries multiple data sources (crt.sh, SecurityTrails, RapidDNS, WebArchive, AlienVault OTX, HackerTarget, and urlscan.io) to discover subdomains, checks if they’re down, and attempts to detect if a subdomain is behind a known WAF (Web Application Firewall).

Author: John Holt

Screenshot

SubEcho Screenshot

Features

  • Enumerates subdomains from various well-nown data sources
  • Distinguishes between online and offline subdomains
  • Scans for WAF signatures in headers and cookies
  • Saves results to a timestamped file for easy reference
  • Provides optional verbose logs for troubleshooting

Requirements

  • Python 3.7
  • PIP (the standard Python package manager)

Installation

  1. Clone the repository:
git clone https://github.com/john-holt4/SubEcho.git
cd SubEcho
  1. Install Python dependencies:
pip install -r requirements.txt
  • aiohttp — for asynchronous HTTP requests
  • rich — for beautiful console output
  1. (Optional) SecurityTrails API key: If you have a SecurityTrails account, pass the API key via -k YOUR_API_KEY to unlock deeper subdomain discovery. Otherwise, that source is skipped.

Usage

Run the tool using Python:

ptyhon subecho.py -d example.com

Where example.com is your target domain.

Arguments

  • -d, --domain [Required] The target domain, e.g. -d example.com
  • -k, --apikey (Optional) A SecurityTrails API key for additional subdomain data
  • -v, --verbose Enable verbose mode for debug info

Examples

  1. Basic usage:
python subecho.py -d example.com
  1. Enable verbose mode:
python subecho.py -d example.com -v
  1. Use SecurityTrails:
python subecho.py -d example.com -k YOUR_API_KEY

How It Works

  1. Banner & Validation
  • Displays a banner and validates the main domain format.
  1. Subdomain Enumeration
  • Gathers subdomains from multiple sources (CRT.sh, RapidDNS, etc.)
  1. Online/Offline Check
  • Attempts DNS resolution for each discovered subdomain.
  1. WAF Detection
  • For subdomains that resolve, sends HTTP(S) requests to detect known WAF signatures.
  1. Save & Display Results
  • Outputs a Rich-formatted table in the console
  • Saves results to a .txt file with a timestamp (e.g. example.com-20250113-120000.txt)

Contributing

  1. Fork this project
  2. Create your feature branch: git checkout -b my-new-feature
  3. Commit your changes: git commit -am 'Add new feature'
  4. Push to the branch: git push origin my-new-feature
  5. Create a new Pull Request on GitHub

License

This repository is licensed under MIT License. See LICENSE for details.

Made with ❤️ and Python

About

A cross-platform subdomain enumeration and WAF detection tool written in Python.

Topics

cybersecurity infosec subdomain-enumeration waf-detection

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

SubEcho v1.1 - Expanded WAF Detection & Enhanced UI Latest
Jan 15, 2025
+ 1 release

Languages