- Joined
- Jan 8, 2019
- Messages
- 56,608
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,454
- Points
- 2,313
- Credits
- 32,600
6 Years of Service
76%
Sub 404 is a tool written in python which is used to check the possibility of subdomain takeover vulnerability and it is fast as it is Asynchronous.
Why
During the recon process, you might get a lot of subdomains(e.g more than 10k). It is not possible to test each manually or with traditional requests or the urllib method as it is very slow. Using Sub 404 you can automate this task in a much faster way. Sub 404 uses aiohttp/asyncio which makes this tool asynchronous and faster.
How it works
Sub 404 uses subdomains list from a text file and checks for url of 404 Not Found status code and in addition, it fetches CNAME(Canonical Name) and removes those URL which has target domain name in CNAME. It also combines results from subfinder and sublist3r(subdomain enumeration tool) if you don’t have target subdomains as two is better than one. But for this sublist3r and subfinder tools must be installed in your system. Sub 404 is able to check 7K subdomains in less than 5 minutes.
Key Features:
– Fast( as it is Asynchronous)
– Uses two more tool to increase efficiency
– Saves result in a text file for future reference
– Umm that’s it, nothing much!