Open 62040132 opened 2 years ago
This is a subdomain enumeration tool. You need a text file, dns.txt, as per guides which contains list of words that are possibly subdomains and provide it to the command.
For eg:
And run the command with:
skanuvaty --target google.com --dns-resolver 1.1.1.1:53 --concurrency 16 --subdomains-file dns.txt
The result would be like this
######################
### Target: "google.com"
### DNS resolver: 1.1.1.1:53
### Concurrency: 16
### Subdomains File: "dns.txt"
### Output File: "./skanuvaty.output.json"
### Verbose: false
######################
⠙ [00:00:00] [==========================> ] 8/9 (0s) (Found: 3)
######################
### Found subdomains: 4
[00:00:00] [==============================] 9/9 (0s) (Found: 4)
RootDomain {
name: "google.com",
subdomains: [
Subdomain {
name: "blog.google.com",
addresses: [
Address {
ip: 142.250.71.41,
},
],
},
Subdomain {
name: "mail.google.com",
addresses: [
Address {
ip: 216.58.196.165,
},
],
},
Subdomain {
name: "docs.google.com",
addresses: [
Address {
ip: 142.250.205.238,
},
],
},
Subdomain {
name: "chat.google.com",
addresses: [
Address {
ip: 142.250.193.110,
},
],
},
],
addresses: [
Address {
ip: 142.250.182.14,
},
],
}
I hope this makes it more clear. :)
For fun, you can use the subdomain wordlist from sublist3r, all credits to sublist3r team. It is available here: https://raw.githubusercontent.com/aboul3la/Sublist3r/master/subbrute/names.txt
Save it as name.txt
. Then the command would be:
skanuvaty --target google.com --dns-resolver 1.1.1.1:53 --concurrency 16 --subdomains-file names.txt
Have fun! :)
Thanks man ❤️. This guide made it easier to understand. It will help others also :)
I'd love to help write a usage guide to merge with README. Regarding long-term use, besides keeping the executable in ~/Downloads/, where would you put this? /usr/local/bin? Regarding usage, what are the dependencies? It's not clear from the README. Thanks!
Add a proper guide please.