Findomain - A Tool That Use Certificate Transparency Logs To Find Subdomains
How it works?
It tool doesn't use the common methods for sub(domains) discover, the tool uses Certificate Transparency logs to find subdomains and it method make it tool very faster and reliable. If you want to know more about Certificate Transparency logs, read https://www.certificate-transparency.org/
Installation
If you want to install it, you can do that manually compiling the source or using the precompiled binary.
Manually: You need to have Rust installed in your computer first.
$ git clone https://github.com/Edu4rdSHL/findomain.git
$ cd findomain
$ cargo build --release
$ sudo cp target/release/findomain /usr/bin/
$ findomain
Using the binary:$ git clone https://github.com/Edu4rdSHL/findomain.git
$ sudo cp findomain/bin/findomain /usr/bin
$ findomain
Usage
You can use the tool in two ways, only discovering the domain name or discovering the domain + the IP address.
Usage:
findomain -i Return the subdomain list with IP address if resolved.
findomain Return the subdomain list without IP address.
findomain -f <file> Return the subdomain list for host specified in a file.
findomain -i -f <file> Return the subdomain list for host specified in a file with IP address if resolved.
Demo
Findomain - A Tool That Use Certificate Transparency Logs To Find Subdomains
Reviewed by Zion3R
on
6:28 PM
Rating: