dEEpEst
☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
- Joined
- Mar 29, 2018
- Messages
- 13,859
- Solutions
- 4
- Reputation
- 27
- Reaction score
- 45,545
- Points
- 1,813
- Credits
- 55,080
7 Years of Service
56%
Subdomain Enumeration Using Rapiddns.io
If you ran the function definition in the terminal, you can use it directly:
This will make a request to
, will extract subdomains, convert them to lowercase, and sort them by removing duplicates.
If you want the function to be available in a script, save it in a file, for example rapiddns.sh :
Then, give it execute permissions and use it:
If you want rapiddns to always be available without having to define it each time, add it to your shell configuration file:
1. For Bash (used on most Linux systems):
Then, add the function to the end of the file and save the changes (Ctrl + X, then Y and Enter).
2. For Zsh (if you use zsh, such as on macOS or Kali Linux):
Add the function at the end and save.
3. Load changes without restarting the terminal:
Now you can use rapiddns on any terminal with:
Disclaimer: The content shared in this forum is for educational and informational purposes only. We promote ethical cybersecurity practices and do not support or condone any illegal activities. Any misuse of the information provided is solely the responsibility of the user. Always ensure compliance with local laws and ethical guidelines when conducting security research.
GitHub
Function
Bash:
function rapiddns() {
curl -s "https://rapiddns.io/subdomain/$1?full=1" | grep -oE "[\.a-zA-Z0-9-]+\.$1" | tr '[:upper:]' '[:lower:]' | sort -u
}Using the Terminal (Current Session)
If you ran the function definition in the terminal, you can use it directly:
Bash:
rapiddns example.comThis will make a request to
This link is hidden for visitors. Please Log in or register now.
Use in a Bash Script
If you want the function to be available in a script, save it in a file, for example rapiddns.sh :
Bash:
#!/bin/bash
function rapiddns() {
curl -s "https://rapiddns.io/subdomain/$1?full=1" | grep -oE "[\.a-zA-Z0-9-]+\.$1" | tr '[:upper:]' '[:lower:]' | sort -u
}
rapiddns "$1"Then, give it execute permissions and use it:
Bash:
chmod +x rapiddns.sh
./rapiddns.sh example.comPermanent Use on your System
If you want rapiddns to always be available without having to define it each time, add it to your shell configuration file:
1. For Bash (used on most Linux systems):
Bash:
nano ~/.bashrcThen, add the function to the end of the file and save the changes (Ctrl + X, then Y and Enter).
2. For Zsh (if you use zsh, such as on macOS or Kali Linux):
Bash:
nano ~/.zshrcAdd the function at the end and save.
3. Load changes without restarting the terminal:
Bash:
source ~/.bashrc # For Bash
source ~/.zshrc # For ZshNow you can use rapiddns on any terminal with:
Bash:
rapiddns example.comContext of Use
- It is used to list subdomains of any given domain.
- It is useful in security testing, information gathering, and pentesting.
- You can combine it with other tools like httprobe, aquatone, or nmap for more detailed analysis.
Disclaimer: The content shared in this forum is for educational and informational purposes only. We promote ethical cybersecurity practices and do not support or condone any illegal activities. Any misuse of the information provided is solely the responsibility of the user. Always ensure compliance with local laws and ethical guidelines when conducting security research.GitHub
Last edited: