Nature_SubdomainEnumeration

In-depth Subdomain Enumeration with Combined Tools

Simple script for in-depth subdomain enumeration with
-> Sublist3r
-> Amass
-> Aquatone
-> Subfinder
-> DNSMap
-> Fierce
Use every tool and give output for each one.
Combine Subdomains into one large and Unique Subdomain file.
Find Reverse-IP for each Subdomain and append it to FINAL result file.

Give FINAL result file contain BIG,UNIQUE,TOTAL Subdomain included Reverse-IP adresses.

After giving FINAL result file script start detailed port(80, 81, 443, 591, 2082, 2087, 2095, 2096, 3000, 8000, 8001, 8008, 8080, 8083, 8443, 8834, 8888) scan and give results.

Install Requirements

apt-get install sublist3r Install Sublist3r
apt-get install dnsmap Install DNSMAP
apt-get install fierce Install fierce

Install Different Aquatone
wget "https://github.com/michenriksen/aquatone/releases/download/v1.7.0/aquatone_linux_amd64_1.7.0.zip"
unzip aquatone_linux_amd64_1.7.0.zip
mv aquatone /usr/bin/aquatone

apt-get install amass Install Amass
gem install aquatone Install Aquatone
apt-get install golang Install Golang for Subfinder
GO111MODULE=on go get -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder Install Subfinder

Easy Install

$ chmod +x install.sh
$ /install.sh 

Usage For Only Extract Subdomains

$ chmod +x nature.sh
$ /nature.sh example.com

Usage For Scan Web Services After Extract Subdomains

$ chmod +x nature.sh
$ /nature.sh example.com scanwebserviceports