Red Teaming and Web Bug Bounty Fast Asset Identification Tool

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

🏄‍♂️ SubSurfer

Python Version License Version

SubSurfer is a fast and efficient subdomain enumeration and web property identification tool. alt text


🌟 Features

  • Red Team/Bug Bounty Support: Useful for both red team operations and web bug bounty projects
  • High-Performance Scanning: Fast subdomain enumeration using asynchronous and parallel processing
  • Port Scanning: Expand asset scanning range with customizable port selection
  • Web Service Identification: Gather environmental details such as web servers and technology stacks
  • Pipeline Integration: Supports integration with other tools using -pipeweb and -pipesub options
  • Modular Design: Can be imported and used as a Python module
  • Continuous Updates: - Continuous Updates: New passive/active modules will continue to be added

🚀 Installation

bash

git clone https://github.com/arrester/subsurfer.git
cd subsurfer

or

Python

pip install subsurfer

📖 Usage

CLI Mode

Basic Scan
subsurfer -t vulnweb.com

Enable Active Scanning
subsurfer -t vulnweb.com -a

Include Port Scanning
subsurfer -t vulnweb.com -dp # Default Port
subsurfer -t vulnweb.com -p 80,443,8080-8090 # Custom ports

Pipeline Output
subsurfer -t vulnweb.com -pipeweb # Output only web server
subsurfer -t vulnweb.com -pipesub # Output only subdomain results

Using as a Python Module

Subdomain Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1,
        active=False            # Active Scan Option
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Print results
    print(f"Discovered Subdomains: {len(subdomains)}개")
    for subdomain in sorted(subdomains):
        print(subdomain)

if __name__ == "__main__":
    asyncio.run(main())

Port Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Default ports (80, 443)
    ports = None

    # Set port scan options
    # ports = controller.parse_ports()  # Default ports
    # Or specify custom ports
    # ports = controller.parse_ports("80,443,8080-8090")
    
    # Web service scanning
    web_services = await controller.scan_web_services(subdomains, ports)
    
    # Print web servers
    print("\n웹 서버:")
    for server in sorted(web_services['web_servers']):
        print(f"https://{server}")
    
    # Print active services
    print("\n활성화된 서비스:")
    for service in sorted(web_services['enabled_services']):
        print(service)
        
    # Print discovered URLs and ports
    print("\n발견된 URL:")
    for subdomain, urls in web_services['all_urls'].items():
        for url, port in urls:
            print(f"{url}:{port}")

if __name__ == "__main__":
    asyncio.run(main())

Result Save

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController("vulnweb.com")
    
    # Collect subdomains and scan web services
    subdomains = await controller.collect_subdomains()
    web_services = await controller.scan_web_services(subdomains)
    
    # Save results
    results_dict = {
        'subdomains': subdomains,
        'web_services': web_services.get('web_services', {}),
        'web_servers': web_services.get('web_servers', set()),
        'enabled_services': web_services.get('enabled_services', set()),
        'all_urls': web_services.get('all_urls', {})  # Includes URL and port information
    }
    
    # Generate default result file path (stored in the "results" directory)
    output_path = controller.get_output_path()
    controller.save_results(results_dict, output_path)

if __name__ == "__main__":
    asyncio.run(main())

🧪 Testing

Passive Handler Test

pytest tests/handlers/test_passive_handler.py -v


Active Handler Test

pytest tests/handlers/test_active_handler.py -v


🗺️ To-Do List

Version 1.5

  • Add new passive modules
  • Add Cloud Detect modules

Version 2.0

  • Add AI Recon Model

📋 Requirements

  • Recommended: Python 3.13.0 or later
  • aiohttp
  • rich
  • pytest (for testing)

📝 License

MIT License

🤝 Contributions

Bug Report, Feature Suggestions, Issue Report

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

This version

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.0

0.3.1

0.3

0.2.7

0.2.6

0.2.4

0.2.3

0.2.2

0.2

0.1.8

0.1.7

0.1.6

0.1.5

0.1.3

0.1.2

0.1.1

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

subsurfer-1.2.7.tar.gz (34.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

subsurfer-1.2.7-py3-none-any.whl (52.3 kB view details)

Uploaded Python 3

File details

Details for the file subsurfer-1.2.7.tar.gz.

File metadata

  • Download URL: subsurfer-1.2.7.tar.gz
  • Upload date:
  • Size: 34.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for subsurfer-1.2.7.tar.gz
Algorithm Hash digest
SHA256 a0d1792cd6f7310288d5eff071240a59f19bd1dba32ed82f67a89adc1cc3ac2e
MD5 6fec033403d7c3a79a99603c3f92b94d
BLAKE2b-256 6d5a5fb6309f714f65e7ea18c2de4ca5521eb02002e2050b11281fb6b8f4c800

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.7.tar.gz:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file subsurfer-1.2.7-py3-none-any.whl.

File metadata

  • Download URL: subsurfer-1.2.7-py3-none-any.whl
  • Upload date:
  • Size: 52.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for subsurfer-1.2.7-py3-none-any.whl
Algorithm Hash digest
SHA256 06c0c1f64221b5b8210da6cb118a6370b3f7bb801ff188881166aa3c86a93149
MD5 817f8bd9942b784a9645ef1f67fa3831
BLAKE2b-256 8644cc3cd6f8a16576d1decb8d6035e81056537ca94823b756959415f69417f3

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.7-py3-none-any.whl:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page