nodesub's Introduction

NODESUB

Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization.

Features

Perform subdomain enumeration using CIDR notation (Support input list).
Perform subdomain enumeration using ASN (Support input list).
Perform subdomain enumeration using a list of domains.

Installation

To install Nodesub, use the following command:

npm install -g nodesub

NOTE:

Edit File ~/.config/nodesub/config.ini

✔️ Usage

nodesub -h

This will display help for the tool. Here are all the switches it supports.

Usage: nodesub [options]

Nodesub is a command-line tool for finding subdomains in bug bounty programs.

Options:
  -u, --url <domain>                     Main domain
  -l, --list <file>                      File with list of domains
  -c, --cidr <cidr/file>                 Perform subdomain enumeration using CIDR
  -a, --asn <asn/file>                   Perform subdomain enumeration using ASN
  -dns, --dnsenum                        Enable DNS Enumeration (if you enable this the enumeration process will be slow)
  -rl, --rate-limit <limit>              Rate limit for DNS requests (requests per second) (default: "0")
  -ip, --ips                             Ekstrak IPs in Subdomain Resolved
  -wl, --wildcard                        Filter subdomains by wildcard DNS resolution Default:(False)
  -r, --recursive                        Enable recursive subdomain enumeration
  -p, --permutations                     Enable subdomain permutations
  -re,--resolver <file>                  File with list of resolvers
  -w, --wordlist <file>                  Wordlist file
  -pr, --proxy <proxy>                   Proxy URL
  -pa, --proxy-auth <username:password>  Proxy authentication credentials
  -s, --size <size>                      Max old space size heap Default:(10048 MB)
  -d, --debug                            Show DNS resolution details
  -v, --verbose                          Enable verbose output
  -o, --output <file>                    Output file
  -f, --format <format>                  Output file format (txt, json, csv, pdf) (default: "txt")
  -h, --help                             display help for command

✔️ Examples

Enumerate subdomains for a single domain:
```
 nodesub -u example.com
```
Enumerate subdomains for a list of domains from a file:
```
 nodesub -l domains.txt
```

Perform subdomain enumeration using CIDR:

node nodesub.js -c 192.168.0.0/24 -o subdomains.txt

node nodesub.js -c CIDR.txt -o subdomains.txt

Perform subdomain enumeration using ASN:

node nodesub.js -a AS12345 -o subdomains.txt

node nodesub.js -a ASN.txt -o subdomains.txt

Enable recursive subdomain enumeration and output the results to a JSON file:
```
 nodesub -u example.com -r -o output.json -f json
```

Output

The tool provides various output formats for the results, including:

Text (txt)
JSON (json)
CSV (csv)
PDF (pdf)

The output file contains the resolved subdomains, failed resolved subdomains, or all subdomains based on the options chosen.

✔️ ***Contribution

You can contribute in following ways:

Give suggestions to make it better
Fix issues & submit a pull request

License

This project is licensed under the MIT License.

nodesub's People

Contributors

Stargazers

Watchers

nodesub's Issues

[!] Error running Sub-Finder: Command failed: [solution suggestion]

Hello, when using node sub, an error related to subfinder appeared in the middle of the scan. After a little look, I saw that the "-all" part at this point
const commands = [ 'subfinder -all -d "${domain}" -rl 100 -recursive', 'subfinder -all -d "${domain}" -rl 1000 -active', ];

in the runSubfinder function, which started on line 659 in nodesub.js, was not found in the subfinder, I don't know if it's just me, but I didn't know if it was the "-all" option in this section. I solved the leverage, I wanted to report in case others may have good improvements.

My system: [kali linux 2023.1]

I deliberately replaced the " ` " statements with " ' " in the command section as it caused problems in the report text.

CRT time out problem and Cannot read properties of undefined (reading 'replace')

[🔍] Start Processing Subdomain Enumerations: [dell.com]
[V] Total subdomains from DNS Cache Snooping: 0
[V] Total subdomains from SSL/TLS Certificates: 0
[V] Total subdomains from BGP Data Analysis: 2
[!] Error getting subdomains: ENOENT: no such file or directory, unlink 'dictionary.txt'
[V] Total subdomains from Baidu: 0
[V] Total subdomains from Bing: 2
[V] Total subdomains from Anubis: 13691
[V] Total subdomains from Alienvault: 254
[🔍] Processing Subdomain Enumerations With crt.sh /
[!] Error running crt.sh: timeout of 70000ms exceeded
[V] Total subdomains from crt.sh: 0

[!] Error occurred while processing subdomain enumerations: Cannot read properties of undefined (reading 'replace')

pikpikcu / nodesub Goto Github PK