This subfinder tutorial will be your guide to understanding its features, installation, and usage through hands-on examples. Subfinder is a powerful subdomain discovery tool that employs a passive online sources method to aggregate a list of valid subdomains for any target domain.
Features of Subfinder
Subfinder offers a wide range of features, making it one of the best tools for subdomain enumeration:
- It uses concurrent processes to speed up the enumeration.
- Includes various passive sources to maximize the discovery of subdomains.
- Provides integration with other tools and frameworks.
- Supports custom output filing for easy consumption in other tools.
- Has a simple and comprehensive configuration via a configuration file.
Installation Steps
Installing Subfinder is a straightforward process:
- Ensure you have Go installed on your system.
- Run the installation command:
GO111MODULE=on go get -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder
- Confirm the installation by checking the version:
subfinder -version
Usage and Examples
Now that Subfinder is installed, let’s dive into some practical usage examples:
Example 1: Basic Subdomain Enumeration
subfinder -d example.com
Output:
...list of subdomains...
Example 2: Enumeration with Threads
subfinder -d example.com -t 100
Example 3: Saving the Output to File
subfinder -d example.com -o example-output.txt
Example 4: Use a Specific Data Source
subfinder -d example.com -sources shallow
Example 5: Exclude Specific Data Sources
subfinder -d example.com -exclude-sources virusTotal
Example 6: Run in Silent Mode
subfinder -d example.com -silent
Example 7: Use Custom Resolver
subfinder -d example.com -r 1.1.1.1
Example 8: Enumerate Subdomains from a File
subfinder -dL domains.txt -o output.txt
Example 9: Run with Docker
docker run projectdiscovery/subfinder -d example.com
Example 10: Pipe Input from Another Process
echo example.com | subfinder
Conclusion
Subfinder is a versatile and powerful tool for subdomain enumeration, with its range of features apt for passive reconnaissance. The given examples showcase how Subfinder can be deployed in various scenarios to enhance your security assessments and research. Whether you’re a security professional or a developer, mastering Subfinder can be a valuable addition to your skillset.
References