├── README.md
├── main.py
└── wordlist.txt


/README.md:
--------------------------------------------------------------------------------
 1 | # Subdomain crawler 
 2 | 
 3 | Brute force domain with a wordlist and return all the code 200 response.
 4 | 
 5 | # Tech part
 6 | 
 7 | This script uses a number of open source projects to work properly:
 8 | 
 9 | - requests
10 | - argparse
11 | - python
12 | 
13 | ### Usage
14 | 
15 | ```
16 | usage: main.py [-h] [-d DOMAIN] [-w WORDLIST]
17 | 
18 | optional arguments:
19 |   -h, --help            show this help message and exit
20 |   -d DOMAIN, --domain DOMAIN
21 |                         Domain that you want to crawl
22 |   -w WORDLIST, --worlist WORDLIST
23 |                         Wordlist default is in the working directory
24 | ```
25 | 
26 | ```
27 | python main.py -d google.com -w [default wordlist is in the repo]
28 | ```
29 | 
30 | ### Pictures
31 | 
32 | [![N|Solid](https://i.imgur.com/beKSyik.png)](https://i.imgur.com/beKSyik.png)
33 | 
34 | @LasCC
35 | 


--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
 1 | import requests
 2 | import argparse
 3 | 
 4 | def get_arguments():
 5 |     parser = argparse.ArgumentParser()
 6 |     parser.add_argument("-d", "--domain", dest="domain", help="Domain that you want to crawl")
 7 |     parser.add_argument("-w", "--worlist", dest="wordlist", help="Wordlist default is in the working directory", default="./wordlist.txt")
 8 |     options = parser.parse_args()
 9 |     if not options.domain:
10 |         parser.error("[!] Please add an domain to proceed, --help for more informations.")
11 |     if not options.wordlist:
12 |         parser.error("[!] Please add a wordlist to proceed, --help for more informations.")
13 |     return options
14 | 
15 | def req(url):
16 |     try:
17 |         return requests.get("https://" + url)
18 |     except requests.exceptions.ConnectionError:
19 |         pass
20 | 
21 | options = get_arguments()
22 | target_url = str(options.domain)
23 | with open(options.wordlist, "r") as wordlists:
24 |     for l in wordlists:
25 |         w = l.strip()
26 |         url = w + "." + target_url
27 |         res = req(url)
28 |         if res:
29 |             print("[+] Subdomain found ! > " + url)
30 | 


--------------------------------------------------------------------------------