子域名收集
<h2 id="1-在线查询">1. 在线查询</h2><h3 id="dns查询-httpsdnsdumpstercom">DNS查询 https://dnsdumpster.com/</h3>
<p>查看DNS服务器<br>
<img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009100627823-1374633513.png"><br>
查看邮箱服务器<br>
<img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009100705632-443748373.png"><br>
查看子域名<br>
<img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009100730914-43104651.png"></p>
<h3 id="fofa查询-fofahttpsfofainfo">fofa查询 fofa:https://fofa.info/</h3>
<p>domain="xxxxx.com"<br>
<img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009101812353-142388803.png"></p>
<h3 id="360查询-httpsquake360netquakeindex">360查询: https://quake.360.net/quake/#/index</h3>
<p><img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009103521535-1461901959.png"></p>
<h3 id="ip138查询-httpschaziyucomwatcherlabcom">ip138查询 https://chaziyu.com/watcherlab.com/</h3>
<p><img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009102115803-1034935033.png"></p>
<h3 id="鹰图httpshunterqianxincom">鹰图:https://hunter.qianxin.com/</h3>
<p>domain="xx.com"<br>
<img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231009103813845-1641924735.png"></p>
<h2 id="2-工具查询">2. 工具查询</h2>
<p><strong>子域名挖掘机</strong></p>
<pre><code>链接:https://pan.baidu.com/s/10OjM1zXBNXwFRMsieFjwqQ
提取码:a9bg
--来自百度网盘超级会员V5的分享
</code></pre>
<p><img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231013132123939-1761810048.png"><br>
<strong>SubDomainBrute</strong></p>
<pre><code>链接:https://pan.baidu.com/s/16l61gPxAo4RwQ12EpEC9Wg
提取码:v5p7
--来自百度网盘超级会员V5的分享
</code></pre>
<p>git:https://github.com/lijiejie/subDomainsBrute<br>
需要安装环境pip3 install dnspython==2.2.1 async_timeout<br>
直接扫描:</p>
<pre><code class="language-shell">python subDomainsBrute.py watcherlab.com#默认使用subnames.txt
</code></pre>
<p><img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231013133159019-1880507930.png"></p>
<pre><code>python subDomainsBrute.py watcherlab.com -f subnames_full.txt#使用指定的字典扫描
</code></pre>
<p><img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231013133601095-119811840.png"></p>
<pre><code class="language-python">python subDomainsBrute.py watcherlab.com -f subnames_full.txt -t 600#指定线程为600,默认500
</code></pre>
<p>结果保存在**.txt中<br>
<strong>OneForAll</strong><br>
git链接:https://github.com/shmilylty/OneForAll</p>
<pre><code class="language-shell">python3 -m pip install -U pip setuptools wheel -i https://mirrors.aliyun.com/pypi/simple/ #使用 pip 工具来安装或升级 pip、setuptools 和 wheel 这三个 Python 包。其中 -U 参数表示升级已有的包,-i 参数指定了使用阿里云镜像站点来加速下载速度
pip3 install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
</code></pre>
<p>运行</p>
<pre><code class="language-shell">python oneforall.py --target example.com run
python oneforall.py --targets ./example.txt run
</code></pre>
<p><img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231013173532272-2039873846.png"><br>
结果保存在results中<br>
<img src="https://img2023.cnblogs.com/blog/2268481/202310/2268481-20231013174207085-1064328852.png"><br>
<strong>Sublist3r</strong><br>
git地址:https://github.com/aboul3la/Sublist3r</p><br><br>
来源:https://www.cnblogs.com/xrwcm/p/17750818.html
頁:
[1]