Sublist3r and how it works

Hey guys, I want to know about sublist3r and how it works thanks…

Just look it up on youtube. There are plenty of tutorials. Dont be lazy and make someone have to type an entire booklet

1 Like

It actually uses every technique to find the subdomains

such as using google dorks

1. site:{domain} -site:www.{domain}
2. site:{domain} -www.{domain}
3. domain:{domain} -www.{domain}

by making requests to different search engines and sites


# 1. Netcraft{domain}

# 2. Virustotal{domain}/subdomains

# 3. ThreadCrowd{domain}

# 4. Baidu{page_no}&wd={query}&oq={query}

# 5. Bing{query}&go=Submit&first={page_no}

#6. Ask{query}&page={page_no}&qid=8D6EE6BF52E0C04527E51F64F22C4534&o=0&l=dir&qsrc=998&qo=pagination

# 7. Yahoo{query}&b={page_no}

# 8. Google{query}&btnG=Search&hl=en-US&biw=&bih=&gbv=1&start={page_no}&filter=0

And then atlast, just removes the duplicate entries, and make a final list of subdomains

Also, It has a built-in wordlist which is used to bruteforce the guessable subdomains of target website.

It is a very simple tool, and as it is a open source project, just explore the tool and learn more

1 Like