Red Teaming and Web Bug Bounty Fast Asset Identification Tool

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

🏄‍♂️ SubSurfer

Python Version License Version

SubSurfer is a fast and efficient subdomain enumeration and web property identification tool. alt text


🌟 Features

  • Red Team/Bug Bounty Support: Useful for both red team operations and web bug bounty projects
  • High-Performance Scanning: Fast subdomain enumeration using asynchronous and parallel processing
  • Port Scanning: Expand asset scanning range with customizable port selection
  • Web Service Identification: Gather environmental details such as web servers and technology stacks
  • Pipeline Integration: Supports integration with other tools using -pipeweb and -pipesub options
  • Modular Design: Can be imported and used as a Python module
  • Continuous Updates: - Continuous Updates: New passive/active modules will continue to be added

🚀 Installation

bash

git clone https://github.com/arrester/subsurfer.git
cd subsurfer

or

Python

pip install subsurfer

📖 Usage

CLI Mode

Basic Scan
subsurfer -t vulnweb.com

Enable Active Scanning
subsurfer -t vulnweb.com -a

Include Port Scanning
subsurfer -t vulnweb.com -dp # Default Port
subsurfer -t vulnweb.com -p 80,443,8080-8090 # Custom ports

Pipeline Output
subsurfer -t vulnweb.com -pipeweb # Output only web server
subsurfer -t vulnweb.com -pipesub # Output only subdomain results

Using as a Python Module

Subdomain Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1,
        active=False            # Active Scan Option
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Print results
    print(f"Discovered Subdomains: {len(subdomains)}개")
    for subdomain in sorted(subdomains):
        print(subdomain)

if __name__ == "__main__":
    asyncio.run(main())

Port Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Default ports (80, 443)
    ports = None

    # Set port scan options
    # ports = controller.parse_ports()  # Default ports
    # Or specify custom ports
    # ports = controller.parse_ports("80,443,8080-8090")
    
    # Web service scanning
    web_services = await controller.scan_web_services(subdomains, ports)
    
    # Print web servers
    print("\n웹 서버:")
    for server in sorted(web_services['web_servers']):
        print(f"https://{server}")
    
    # Print active services
    print("\n활성화된 서비스:")
    for service in sorted(web_services['enabled_services']):
        print(service)
        
    # Print discovered URLs and ports
    print("\n발견된 URL:")
    for subdomain, urls in web_services['all_urls'].items():
        for url, port in urls:
            print(f"{url}:{port}")

if __name__ == "__main__":
    asyncio.run(main())

Result Save

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController("vulnweb.com")
    
    # Collect subdomains and scan web services
    subdomains = await controller.collect_subdomains()
    web_services = await controller.scan_web_services(subdomains)
    
    # Save results
    results_dict = {
        'subdomains': subdomains,
        'web_services': web_services.get('web_services', {}),
        'web_servers': web_services.get('web_servers', set()),
        'enabled_services': web_services.get('enabled_services', set()),
        'all_urls': web_services.get('all_urls', {})  # Includes URL and port information
    }
    
    # Generate default result file path (stored in the "results" directory)
    output_path = controller.get_output_path()
    controller.save_results(results_dict, output_path)

if __name__ == "__main__":
    asyncio.run(main())

🧪 Testing

Passive Handler Test

pytest tests/handlers/test_passive_handler.py -v


Active Handler Test

pytest tests/handlers/test_active_handler.py -v


🗺️ To-Do List

Version 1.5

  • Add new passive modules
  • Add Cloud Detect modules

Version 2.0

  • Add AI Recon Model

📋 Requirements

  • Recommended: Python 3.13.0 or later
  • aiohttp
  • rich
  • pytest (for testing)

📝 License

MIT License

🤝 Contributions

Bug Report, Feature Suggestions, Issue Report

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

This version

1.2.2

1.0

0.3.1

0.3

0.2.7

0.2.6

0.2.4

0.2.3

0.2.2

0.2

0.1.8

0.1.7

0.1.6

0.1.5

0.1.3

0.1.2

0.1.1

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

subsurfer-1.2.2.tar.gz (33.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

subsurfer-1.2.2-py3-none-any.whl (51.5 kB view details)

Uploaded Python 3

File details

Details for the file subsurfer-1.2.2.tar.gz.

File metadata

  • Download URL: subsurfer-1.2.2.tar.gz
  • Upload date:
  • Size: 33.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for subsurfer-1.2.2.tar.gz
Algorithm Hash digest
SHA256 1dbbfc6f8e1337b0f2018a567da7b3f05969cb8d20fd67ff83630c0fefb4db85
MD5 c923be1fee681c05e037d069e4253e54
BLAKE2b-256 4a0252261db1090181edbb2b82cbb1e59a02187d6f830a99699828cf76e93b11

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.2.tar.gz:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file subsurfer-1.2.2-py3-none-any.whl.

File metadata

  • Download URL: subsurfer-1.2.2-py3-none-any.whl
  • Upload date:
  • Size: 51.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for subsurfer-1.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 57cf2636702e8263021372b9098b987d5e930fe9dd403a803bd72c2e7f64230e
MD5 faf0634f28a5de5dbb9802eb36f1aedc
BLAKE2b-256 273956c814164974a9b027198d93c8c743e529fac554da285ee2b128e3258ab9

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.2-py3-none-any.whl:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page