65 lines
1.6 KiB
Bash
65 lines
1.6 KiB
Bash
#!/bin/bash
|
|
|
|
get_tool_name() {
|
|
echo "Subdomain Enumerator"
|
|
}
|
|
|
|
get_tool_description() {
|
|
echo "Enumerate subdomains of a primary domain"
|
|
}
|
|
|
|
check_requirements() {
|
|
if ! command -v dig &> /dev/null; then
|
|
echo "dig is not available. Install it to continue."
|
|
exit 1
|
|
fi
|
|
|
|
if ! command -v amass &> /dev/null; then
|
|
echo "amass is not available. Install it to continue."
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
execute_tool() {
|
|
check_requirements
|
|
|
|
result=""
|
|
if [ -n "$domain" ]; then
|
|
if [[ "$domain" == *$'\n'* ]]; then
|
|
for single_domain in $domain; do
|
|
enumerate_subdomains "$single_domain"
|
|
done
|
|
else
|
|
enumerate_subdomains "$domain"
|
|
fi
|
|
else
|
|
result="No domains specified."
|
|
fi
|
|
|
|
echo -e "$result"
|
|
}
|
|
|
|
enumerate_subdomains() {
|
|
local primary_domain="$1"
|
|
|
|
result+="\e[1mEnumerating subdomains of $primary_domain:\e[0m\n"
|
|
|
|
# Perform DNS queries to enumerate subdomains
|
|
subdomains_dns=$(dig +short "$primary_domain" | grep -oE "([a-zA-Z0-9\-]+\.)*$primary_domain")
|
|
|
|
# Perform web-based enumeration using Amass
|
|
subdomains_web=$(amass enum -d "$primary_domain" -o - 2>/dev/null)
|
|
|
|
# Combine results from DNS and web-based enumeration
|
|
all_subdomains="$subdomains_dns\n$subdomains_web"
|
|
|
|
# Remove duplicates and sort the list
|
|
unique_subdomains=$(echo -e "$all_subdomains" | sort -u)
|
|
|
|
if [ -n "$unique_subdomains" ]; then
|
|
result+="$unique_subdomains\n"
|
|
else
|
|
result+="No subdomains found.\n"
|
|
fi
|
|
}
|