Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization.
- Perform subdomain enumeration using CIDR notation (Support input list).
- Perform subdomain enumeration using ASN (Support input list).
- Perform subdomain enumeration using a list of domains.
Installation
To install Nodesub, use the following command:
npm install -g nodesub
NOTE:
- Edit File
~/.config/nodesub/config.ini
This will display help for the tool. Here are all the switches it supports.
Examples
-
Enumerate subdomains for a single domain:
-
Enumerate subdomains for a list of domains from a file:
-
Perform subdomain enumeration using CIDR:
node nodesub.js -c 192.168.0.0/24 -o subdomains.txtnode nodesub.js -c CIDR.txt -o subdomains.txt -
Perform subdomain enumeration using ASN:
node nodesub.js -a AS12345 -o subdomains.txtnode nodesub.js -a ASN.txt -o subdomains.txt -
Enable recursive subdomain enumeration and output the results to a JSON file:
nodesub -u example.com -r -o output.json -f json
Output
The tool provides various output formats for the results, including:
- Text (txt)
- JSON (json)
- CSV (csv)
- PDF (pdf)
The output file contains the resolved subdomains, failed resolved subdomains, or all subdomains based on the options chosen.
