Sububy – A Modular Ruby Suite for Subdomain Enumeration
Sububy是一款基于Ruby的全能子域枚举工具,包含10个核心模块如证书透明度查询、字典攻击等。适用于红队侦察和漏洞赏金筛选。支持模块链式调用和API集成,但需Ruby环境且部分API有限。 2025-6-27 01:0:0 Author: www.darknet.org.uk(查看原文) 阅读量:3 收藏

Sububy is an all-in-one subdomain enumeration tool written in Ruby by A3h1nt. It focuses on modularity and accurate discovery, making it useful for red team reconnaissance, OSINT workflows, and bug bounty triage.

Sububy - A Modular Ruby Suite for Subdomain Enumeration

What It Does

Sububy includes ten core modules:

  • Cert – uses Certificate Transparency logs
  • Brute – performs wordlist-based brute force
  • Dnsd – queries DnsDumpster (API key required)
  • Vtotal – retrieves data from VirusTotal (API key required)
  • WebArch – extracts historical domains from the Wayback Machine
  • Csp – scrapes subdomains from Content Security Policy headers
  • Sort – removes duplicates from output
  • Live – checks for live web services
  • Sshot – captures screenshots of live targets
  • Info – collects HTTP response codes and headers

Modules can be run individually or chained together via CLI or from within Ruby itself.

Installation and Usage

git clone https://github.com/A3h1nt/Sububy.git

cd Sububy

bundle install

Run a full scan:

ruby Sububy.rb example.com cert brute dnsd vtotal webarch csp

Strengths

  • Modular and scriptable
  • Useful API integrations
  • Screenshot and HTTP response data for post-enum triage
  • Suitable for headless workflows via IRB or CLI
  • Lightweight dependency set (Ruby + gems)

Limitations

  • Ruby is required, which may not be preinstalled in many environments
  • API limits apply for Dnsd and Vtotal modules
  • Focuses more on precision than volume (not a replacement for massdns)
  • No built-in JSON output or API for direct integration

When to Use It

Sububy is ideal for:

  • Reconnaissance in stealth-focused environments
  • Bug bounty triage for live hosts and headers
  • Adding contextual intelligence (e.g. screenshots, CSP leaks)
  • Workflow integration with other Ruby-based tools

Use Sububy when you want more than just domain names—particularly when you need to verify what’s alive, what’s misconfigured, or what headers are exposed.

Recommendations

  • Integrate Sububy into a larger recon pipeline by chaining outputs to Nmap or HTTP probing tools
  • Use the Sort and Live modules after any brute force or CT scan to reduce noise
  • Consider saving screenshots and headers for post-assessment analysis or reporting
  • Pair with assetfinder or amass to compare coverage across passive sources

You can read more or download Sububy here: https://github.com/A3h1nt/Sububy

Reader Interactions


文章来源: https://www.darknet.org.uk/2025/06/sububy-a-modular-ruby-suite-for-subdomain-enumeration/
如有侵权请联系:admin#unsafe.sh