cmd@fb:/tmp|❯ wc -l 33m-subdomain-wordlist.txt
33927885 33m-subdomain-wordlist.txtcmd@fb:/tmp|❯ wc -l 15m_sub_wordlist.txt
15677820 15m_sub_wordlist.txtcmd@fb:~/Desktop|⇒ wc -l 11m_sub_wordlist.txt
11466866 11m_sub_wordlist.txt
cat 11m_sub_wordlist.txt | subgen -d "bing.com"> not_resolve_subdomain.txtecho "bing.com">bing.txt
comb -s="." 11m_sub_wordlist.txt bing.txt > not_resolve_subdomain.txtcat not_resolve_subdomain.txt | zdns A --threads 10000 --name-servers=1.1.1.1 | jq -r "select(.data.answers[0].name) | .name" |tee resolve_subdomain.txtulimit -n 100000sudo pip3 install aiodnsbruteaiodnsbrute yahoo.com -w /tmp/11m_sub_wordlist.txt -o csv -t 10000 -r resolver.txtresolver.txt=>1.1.1.1
cat yahoo.com.csv | cut -d, -f1 | grep yahoo.com>yahoo.com.txtfor i in $(cat 11m_sub_wordlist.txt); do echo $i".bing.com">>not_resolve_subdomain.txt; done #first method
cat 11m_sub_wordlist.txt | xargs -L1 -P20 -I@ bash -c "echo @.'bing.com'>>not_resolve_subdomain.txt" #second method
cat 11m_sub_wordlist.txt | awk '{print $1".bing.com"}'>not_resolve_subdomain.txt #third method
while read -r sub; do echo $sub".bing.com">>not_resolve_subdomain.txt ; done < 11m_sub_wordlist.txt # fourth method
echo "bing.com">bing.txt ; comb -s="." 11m_sub_wordlist.txt bing.txt > not_resolve_subdomain.txt #fifth method
cat 11m_sub_wordlist.txt | subgen -d "bing.com">not_resolve_subdomain.txt #sixth method
goaltdns -h bing.com -w /tmp/11m_sub_wordlist.txt -o not_resolve_subdomain.txt #seventh methodcat 3.txt
bing.com
tesla.com
google.comwhile read -r sub; do awk '{print $1".'$sub'"}' ~/a/10k.txt >> $sub_non_resolve.txt; done < cat 3.txtcat resolve.txt
1.1.1.1
8.8.8.8sudo ksubdomain -f not_resolve_subdomain.txt -e 0 -verify -o resolve.txt -s resolve.txt
cat not_resolve_subdomain.txt | zdns A --threads 10000 --name-servers=1.1.1.1 | jq -r "select(.data.answers[0].name) | .name" |tee resolve_subdomain.txt#!/usr/bin/env bash
if [ "$#" -ne 1 ]; then
echo "brute.sh domain.com"
exit 1
fi
bruteforce(){
domain=$1
wordlist="/tmp/1000.txt"
#wordlist=$2
printf "[*] Bruteorce $domain Start"
printf " \r"
cat $wordlist | awk -v url="$domain" '{print $1"."url}' > /tmp/notresolve-$domain.txt
cat /tmp/notresolve-$domain.txt| zdns A --threads 200 --name-servers=1.1.1.1 | jq -r "select(.data.answers[0].name) | .name" > /tmp/bruteforce-$domain.txt
cat /tmp/bruteforce-$domain.txt | grep -Eo "[a-zA-Z0-9._-]+\.$domain" | sort -u > resolve-$domain.txt
rm /tmp/notresolve-$domain.txt /tmp/bruteforce-$domain.txt
echo -e "[+] $domain Brute-Force Done : $(wc -l resolve-$domain.txt | awk '{ print $1}')"
}
bruteforce $1
#*Demo*
#wget https://raw.githubusercontent.com/rbsec/dnscan/master/subdomains-1000.txt -O /tmp/1000.txt
#bash brute.sh tesla.com
#Resolve
#cat /tmp/notresolve-$domain.txt|zdns A --threads 500 --name-servers=1.1.1.1 | jq -r "select(.data.answers[0].name) | .name" >/tmp/bruteforce-$domain.txt
#cat /tmp/notresolve-$domain.txt|dnsx -l -t 200 -o /tmp/bruteforce-$domain.txt
#cat /tmp/notresolve-$domain.txt|httpx -threads 100 -o /tmp/bruteforce-$domain.txtbash brute.sh bing.com