punk-security / dnsReaper

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
GNU Affero General Public License v3.0
2.03k stars 167 forks source link

"Killed" for file with bulk number of sub/domains. #154

Open smaranchand opened 1 year ago

smaranchand commented 1 year ago

Screen Shot 2023-03-30 at 11 13 38 PM

SimonGurney commented 1 year ago

Thanks for raising this issue.

dnsReaper was never designed to handle such a high number of domains, but we do test it with subdomains from project discovery and it handled it ok.

It would be better to validate your subdomains exist first, using a DNS enumeration tool, and then passing the list into dnsReaper. It's common for your DNS provider to rate limit you after a few hundred requests for instance, which causes strange behaviour and results.

I will look into this though. I expect we are running out of memory but I will try and reproduce locally.