Just another subdomain enumeration script :3
It's just a wrapper around some subdomain enumeration and fingerprinting tools, with some parallelization to save some time, not the best but it gets the job done.
All the tools' output are stored in these files:
domains.txtcontains all enumerated subdomains.live.txtcontains all live subdomains.gau.txtcontains the output of gau.fingerprint.outcontains httpx fingerprint results.
You have to change the path variable with the path of in which you'd like to store the DNS resolvers list to get amass working.
Also make sure to tweak the number of threads of the tools based on your machine/needs.
- More efficent parallelization (e.g gnu parallel)
- More tools & sources
- Subdomain bruteforcing