Red Teaming and Web Bug Bounty Fast Asset Identification Tool
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
๐โโ๏ธ SubSurfer
SubSurfer๋ ๋น ๋ฅด๊ณ ํจ์จ์ ์ธ ์๋ธ๋๋ฉ์ธ ์ด๊ฑฐ ๋ฐ ์น ์์ฐ ์๋ณ ๋๊ตฌ์ ๋๋ค.
๐ ํน์ง
- ๋ ๋ํ/๋ฒ๊ทธ๋ฐ์ดํฐ ์ง์: ๋ ๋ํ ์์ ๊ณผ ์น ๋ฒ๊ทธ๋ฐ์ดํฐ ํ๋ก์ ํธ ๋ชจ๋์์ ํ์ฉ ๊ฐ๋ฅ
- ๊ณ ์ฑ๋ฅ ์ค์บ: ๋น๋๊ธฐ ๋ฐ ๋ณ๋ ฌ ์ฒ๋ฆฌ๋ฅผ ํตํ ๋น ๋ฅธ ์๋ธ๋๋ฉ์ธ ์์ง
- ํฌํธ ์ค์บ: ์ฌ์ฉ์ ์ ์ ํฌํธ ๋ฒ์๋ก ์์ฐ ์ค์บ ๋ฒ์ ํ์ฅ
- ์น ์๋น์ค ์๋ณ: ์น ์๋ฒ, ๊ธฐ์ ์คํ ๋ฑ ํ๊ฒฝ ์ ๋ณด ์์ง
- ํ์ดํ๋ผ์ธ ์ง์:
-pipeweb,-pipesub์ต์ ์ผ๋ก ๋ค๋ฅธ ๋๊ตฌ์์ ์ฐ๊ณ ๊ฐ๋ฅ - ๋ชจ๋ํ ์ค๊ณ: Python ๋ชจ๋๋ก importํ์ฌ ์ฌ์ฉ ๊ฐ๋ฅ
- ์ง์์ ์ ๋ฐ์ดํธ: ์๋ก์ด passive/active ๋ชจ๋ ์ง์ ์ถ๊ฐ ์์
๐ ์ค์น
bash
git clone https://github.com/arrester/subsurfer.git
cd subsurfer
or
Python
pip install -r requirements.txt
๐ ์ฌ์ฉ๋ฒ
CLI ๋ชจ๋
๊ธฐ๋ณธ ์ค์บ
subsurfer -t vulnweb.com
์กํฐ๋ธ ์ค์บ ํ์ฑํ
subsurfer -t vulnweb.com -a
ํฌํธ ์ค์บ ํฌํจ
subsurfer -t vulnweb.com -dp # ๊ธฐ๋ณธ ํฌํธ
subsurfer -t vulnweb.com -p 80,443,8080-8090 # ์ฌ์ฉ์ ์ ์ ํฌํธ
ํ์ดํ๋ผ์ธ ์ถ๋ ฅ
subsurfer -t vulnweb.com -pipeweb # ์น ์๋ฒ ๊ฒฐ๊ณผ๋ง ์ถ๋ ฅ
subsurfer -t vulnweb.com -pipesub # ์๋ธ๋๋ฉ์ธ ๊ฒฐ๊ณผ๋ง ์ถ๋ ฅ
Python ๋ชจ๋๋ก ์ฌ์ฉ
Subdomain Scan
from subsurfer.core.controller.controller import SubSurferController
import asyncio
async def main():
controller = SubSurferController(
target="vulnweb.com",
verbose=1,
active=False # Active Scan Option
)
# ์๋ธ๋๋ฉ์ธ ์์ง
subdomains = await controller.collect_subdomains()
# ๊ฒฐ๊ณผ ์ถ๋ ฅ
print(f"๋ฐ๊ฒฌ๋ ์๋ธ๋๋ฉ์ธ: {len(subdomains)}๊ฐ")
for subdomain in sorted(subdomains):
print(subdomain)
if __name__ == "__main__":
asyncio.run(main())
Port Scan
from subsurfer.core.controller.controller import SubSurferController
import asyncio
async def main():
controller = SubSurferController(
target="vulnweb.com",
verbose=1
)
# ์๋ธ๋๋ฉ์ธ ์์ง
subdomains = await controller.collect_subdomains()
# ๊ธฐ๋ณธ 80, 443 ์ค์บ ์ค์
ports = None
# ํฌํธ ์ค์บ ์ค์
# ports = controller.parse_ports() # ๊ธฐ๋ณธ ํฌํธ
# ๋๋ ์ฌ์ฉ์ ์ง์ ํฌํธ
# ports = controller.parse_ports("80,443,8080-8090")
# ์น ์๋น์ค ์ค์บ
web_services = await controller.scan_web_services(subdomains, ports)
# ์น ์๋ฒ ์ถ๋ ฅ
print("\n์น ์๋ฒ:")
for server in sorted(web_services['web_servers']):
print(f"https://{server}")
# ํ์ฑํ๋ ์๋น์ค ์ถ๋ ฅ
print("\nํ์ฑํ๋ ์๋น์ค:")
for service in sorted(web_services['enabled_services']):
print(service)
# URL๊ณผ ํฌํธ ์ ๋ณด ์ถ๋ ฅ
print("\n๋ฐ๊ฒฌ๋ URL:")
for subdomain, urls in web_services['all_urls'].items():
for url, port in urls:
print(f"{url}:{port}")
if __name__ == "__main__":
asyncio.run(main())
Result Save
from subsurfer.core.controller.controller import SubSurferController
import asyncio
async def main():
controller = SubSurferController("vulnweb.com")
# ์๋ธ๋๋ฉ์ธ ์์ง ๋ฐ ์น ์๋น์ค ์ค์บ
subdomains = await controller.collect_subdomains()
web_services = await controller.scan_web_services(subdomains)
# ๊ฒฐ๊ณผ ์ ์ฅ
results_dict = {
'subdomains': subdomains,
'web_services': web_services.get('web_services', {}),
'web_servers': web_services.get('web_servers', set()),
'enabled_services': web_services.get('enabled_services', set()),
'all_urls': web_services.get('all_urls', {}) # URL๊ณผ ํฌํธ ์ ๋ณด ํฌํจ
}
# ๊ธฐ๋ณธ ๊ฒฐ๊ณผ ํ์ผ ๊ฒฝ๋ก ์์ฑ (results ๋๋ ํ ๋ฆฌ์ ์ ์ฅ)
output_path = controller.get_output_path()
controller.save_results(results_dict, output_path)
if __name__ == "__main__":
asyncio.run(main())
๐งช ํ ์คํธ
ํจ์๋ธ ํธ๋ค๋ฌ ํ ์คํธ
pytest tests/handlers/test_passive_handler.py -v
์กํฐ๋ธ ํธ๋ค๋ฌ ํ ์คํธ
pytest tests/handlers/test_active_handler.py -v
๐บ๏ธ ToDo
0.2 ๋ฒ์
- ์๋ก์ด ํจ์๋ธ ๋ชจ๋ ์ถ๊ฐ
0.3 ๋ฒ์
- JSON ๊ฒฐ๊ณผ ์ถ๋ ฅ ์ต์ ์ถ๊ฐ
- ์๋ก์ด ํจ์๋ธ ๋ชจ๋ ์ถ๊ฐ
- ๊ธฐํ ๊ธฐ๋ฅ ์ ๋ฐ์ดํธ
0.4 ๋ฒ์
- ์๋ก์ด ํจ์๋ธ ๋ชจ๋ ์ถ๊ฐ
- ์๋ธ๋๋ฉ์ธ ํ์ทจ ๊ฒ์ฌ ๊ธฐ๋ฅ
0.5 ๋ฒ์
- ์๋ก์ด ํจ์๋ธ ๋ชจ๋ ์ถ๊ฐ
- ์๋ก์ด ์กํฐ๋ธ ๋ชจ๋ ์ถ๊ฐ
๐ ์๊ตฌ์ฌํญ
- Python 3.13.0 ์ด์ ๊ถ์ฅ
- aiohttp
- rich
- pytest (ํ ์คํธ์ฉ)
๐ ๋ผ์ด์ ์ค
MIT License
๐ค ๊ธฐ์ฌ
Bug Report, Feature Suggestions, Pull Request
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
subsurfer-0.1.8.tar.gz
(25.5 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
subsurfer-0.1.8-py3-none-any.whl
(36.6 kB
view details)
File details
Details for the file subsurfer-0.1.8.tar.gz.
File metadata
- Download URL: subsurfer-0.1.8.tar.gz
- Upload date:
- Size: 25.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.0.1 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
eba957e48a48f73dd5f375a306e237d27f7654fd46f19f0fabaa0b5dd79735cf
|
|
| MD5 |
247e13f7f47701d7b3d88ea8e7e82259
|
|
| BLAKE2b-256 |
79a02c5d925071f287e463c0790eff7abece728eca2e6538941e154bff44604d
|
Provenance
The following attestation bundles were made for subsurfer-0.1.8.tar.gz:
Publisher:
publish.yml on arrester/SubSurfer
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
subsurfer-0.1.8.tar.gz -
Subject digest:
eba957e48a48f73dd5f375a306e237d27f7654fd46f19f0fabaa0b5dd79735cf - Sigstore transparency entry: 162092911
- Sigstore integration time:
-
Permalink:
arrester/SubSurfer@c43643e6838ee41c19a02f7a58810f244c0e6822 -
Branch / Tag:
refs/tags/v0.1.8 - Owner: https://github.com/arrester
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@c43643e6838ee41c19a02f7a58810f244c0e6822 -
Trigger Event:
push
-
Statement type:
File details
Details for the file subsurfer-0.1.8-py3-none-any.whl.
File metadata
- Download URL: subsurfer-0.1.8-py3-none-any.whl
- Upload date:
- Size: 36.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.0.1 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1396d020a270257d0564ac67a95f865f9e1b88a8d651be241aa6be74006264ae
|
|
| MD5 |
db1d40dcbfdd6797f375008cb615491c
|
|
| BLAKE2b-256 |
fe28f2331b96e707c50d6468c51f54f4b0924f86ffcd602d226d35227605ebb8
|
Provenance
The following attestation bundles were made for subsurfer-0.1.8-py3-none-any.whl:
Publisher:
publish.yml on arrester/SubSurfer
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
subsurfer-0.1.8-py3-none-any.whl -
Subject digest:
1396d020a270257d0564ac67a95f865f9e1b88a8d651be241aa6be74006264ae - Sigstore transparency entry: 162092913
- Sigstore integration time:
-
Permalink:
arrester/SubSurfer@c43643e6838ee41c19a02f7a58810f244c0e6822 -
Branch / Tag:
refs/tags/v0.1.8 - Owner: https://github.com/arrester
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@c43643e6838ee41c19a02f7a58810f244c0e6822 -
Trigger Event:
push
-
Statement type:
