Powerful Visual Subdomain Enumeration at the Click of a Mouse
Alternatives To Horn3t
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
8 months ago27March 01, 202017mitRuby
Powerfull XSS Scanning and Parameter analysis tool&gem
a year ago5gpl-3.0Python
Selenium powered Python script to automate searching for vulnerable web apps.
4 years ago3gpl-2.0Python
Powerful Visual Subdomain Enumeration at the Click of a Mouse
Awesome Testing Tools130
18 days ago6
:wrench: A curated list of awesome testing tools :wrench:
4 years agogpl-3.0Python
This tool helps you pentest THE PAST of a website.
3 years agoPython
A basic username enumeration and password spraying tool aimed at spraying Microsoft's DOM based authentication using selenium.
3 months agomitPython
A Selenium scraper for public domain search tools.
a year agoapache-2.0Python
PinkWave is a pentesting tool for linux which can be used to test (web)servers with Python scripts and Selenium.
Alternatives To Horn3t
Select To Compare

Alternative Project Comparisons

Horn3t - Better Subdomain Reconnaissance

  • Recon your targets at blazing speed
  • Enhance your productivity by focusing on interesting looking sites
  • Enumerate critical sites immediately
  • Sting your target

Horn3t is your Nr #1 tool for exploring subdomains visually.
Building on the great Sublist3r framework (or extensible with your favorite one) it searches for subdomains and generates awesome picture previews. Get a fast overview of your target with http status codes, add custom found subdomains and directly access found urls with one click.

demo preview


  • Install Google Chrome
  • Install requirements.txt with pip3
  • Install requirements.txt of sublist3r with pip3
  • Put the directory within the web server of your choice
  • Make sure to have the right permissions
  • Run horn3t.py

Or alternatively use the install.sh file with docker.
Afterwards you can access the web portal under http://localhost:1337


  • Better Scaling on Firefox
  • Add Windows Dockerfile
  • Direkt Nmap Support per click on a subdomain
  • Direkt Dirb Support per click on a subdomain
  • Generate PDF Reports of found subdomains
  • Assist with subdomain takeover


Horn3t is licensed under the GNU GPL license. take a look at the LICENSE for more information.

Respect legal restrictions and only conduct testing against infrastructure that you have permission to target.


  • aboul3la - The creator of Sublist3r; turbolist3r adds some features but is otherwise a near clone of sublist3r.
  • TheRook - The bruteforce module was based on his script subbrute.
  • bitquark - The Subbrute's wordlist was based on his research dnspop.

Tested on Windows 10 and Debian with Google Chrome/Chromium 73

Popular Selenium Projects
Popular Penetration Testing Projects
Popular Software Quality Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Penetration Testing
Security Tools
Selenium Webdriver
Security Audit
Web Security
Subdomain Scanner