A fast sub domain brute tool for pentesters, works with Python3.5+ or Python2.7.
DNSPython3.6+Python2.7Python3.8+
Python3.5+ users: pip3 install dnspython==2.2.1 async_timeout
Python2.7 users: pip install dnspython gevent
qq.com
Usage: subDomainsBrute.py [options] target.com
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-f FILE File contains new line delimited subs, default is
subnames.txt.
--full Full scan, NAMES FILE subnames_full.txt will be used
to brute
-i, --ignore-intranet
Ignore domains pointed to private IPs
-w, --wildcard Force scan after wildcard test failed
-t THREADS, --threads=THREADS
Num of scan threads, 500 by default
-p PROCESS, --process=PROCESS
Num of scan process, 6 by default
--no-https Disable get domain names from HTTPS cert, this can
save some time
-o OUTPUT, --output=OUTPUT
Output file name. default is {target}.txt
-w
too many file descriptors