Anubis Subdomain enumeration is one of the first steps in the information gathering phase and is required to get a full scope of the attack surfaces of your target.
It collates data from a variety of sources to provide one of the most comprehensive tools for subdomain enumeration. It pulls subdomains from public sources, indexed search results, and AnubisDB, a centralized, open API for subdomains.
It is able to identify all key servers behind the domains and output any IPs of interest.
For instance, running the same command as above with the -p flag gives us all the unique resolved IP addresses, which allows a security researcher to get a more comprehensive idea of the scope of their target.
If you are running Linux, the following are also required:
sudo apt-get install python3-pip python-dev libssl-dev libffi-dev
Note: Python 3.6 is required
pip3 install anubis-netsec
git clone [email protected]:jonluca/Anubis.git
pip3 install -r requirements.txt
Also, it extracts information from less used, but potentially rewarding avenues, including DNSSEC subdomain lists and Zone Transfers. Complete details can be found here.
It is Developed by JonLuca De Caro