Red Teaming and Web Bug Bounty Fast Asset Identification Tool

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

🏄‍♂️ SubSurfer

Python Version License Version

SubSurfer is a fast and efficient subdomain enumeration and web property identification tool. alt text


🌟 Features

  • Red Team/Bug Bounty Support: Useful for both red team operations and web bug bounty projects
  • High-Performance Scanning: Fast subdomain enumeration using asynchronous and parallel processing
  • Port Scanning: Expand asset scanning range with customizable port selection
  • Web Service Identification: Gather environmental details such as web servers and technology stacks
  • Pipeline Integration: Supports integration with other tools using -pipeweb and -pipesub options
  • Modular Design: Can be imported and used as a Python module
  • Continuous Updates: - Continuous Updates: New passive/active modules will continue to be added

🚀 Installation

bash

git clone https://github.com/arrester/subsurfer.git
cd subsurfer

or

Python

pip install subsurfer

📖 Usage

CLI Mode

Basic Scan
subsurfer -t vulnweb.com

Enable Active Scanning
subsurfer -t vulnweb.com -a

Include Port Scanning
subsurfer -t vulnweb.com -dp # Default Port
subsurfer -t vulnweb.com -p 80,443,8080-8090 # Custom ports

Pipeline Output
subsurfer -t vulnweb.com -pipeweb # Output only web server
subsurfer -t vulnweb.com -pipesub # Output only subdomain results

Using as a Python Module

Subdomain Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1,
        active=False            # Active Scan Option
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Print results
    print(f"Discovered Subdomains: {len(subdomains)}개")
    for subdomain in sorted(subdomains):
        print(subdomain)

if __name__ == "__main__":
    asyncio.run(main())

Port Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Default ports (80, 443)
    ports = None

    # Set port scan options
    # ports = controller.parse_ports()  # Default ports
    # Or specify custom ports
    # ports = controller.parse_ports("80,443,8080-8090")
    
    # Web service scanning
    web_services = await controller.scan_web_services(subdomains, ports)
    
    # Print web servers
    print("\n웹 서버:")
    for server in sorted(web_services['web_servers']):
        print(f"https://{server}")
    
    # Print active services
    print("\n활성화된 서비스:")
    for service in sorted(web_services['enabled_services']):
        print(service)
        
    # Print discovered URLs and ports
    print("\n발견된 URL:")
    for subdomain, urls in web_services['all_urls'].items():
        for url, port in urls:
            print(f"{url}:{port}")

if __name__ == "__main__":
    asyncio.run(main())

Result Save

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController("vulnweb.com")
    
    # Collect subdomains and scan web services
    subdomains = await controller.collect_subdomains()
    web_services = await controller.scan_web_services(subdomains)
    
    # Save results
    results_dict = {
        'subdomains': subdomains,
        'web_services': web_services.get('web_services', {}),
        'web_servers': web_services.get('web_servers', set()),
        'enabled_services': web_services.get('enabled_services', set()),
        'all_urls': web_services.get('all_urls', {})  # Includes URL and port information
    }
    
    # Generate default result file path (stored in the "results" directory)
    output_path = controller.get_output_path()
    controller.save_results(results_dict, output_path)

if __name__ == "__main__":
    asyncio.run(main())

🧪 Testing

Passive Handler Test

pytest tests/handlers/test_passive_handler.py -v


Active Handler Test

pytest tests/handlers/test_active_handler.py -v


🗺️ To-Do List

Version 1.5

  • Add new passive modules
  • Add Cloud Detect modules

Version 2.0

  • Add AI Recon Model

📋 Requirements

  • Recommended: Python 3.13.0 or later
  • aiohttp
  • rich
  • pytest (for testing)

📝 License

MIT License

🤝 Contributions

Bug Report, Feature Suggestions, Issue Report

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

1.2.7

1.2.6

1.2.5

This version

1.2.4

1.2.3

1.2.2

1.0

0.3.1

0.3

0.2.7

0.2.6

0.2.4

0.2.3

0.2.2

0.2

0.1.8

0.1.7

0.1.6

0.1.5

0.1.3

0.1.2

0.1.1

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

subsurfer-1.2.4.tar.gz (33.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

subsurfer-1.2.4-py3-none-any.whl (51.8 kB view details)

Uploaded Python 3

File details

Details for the file subsurfer-1.2.4.tar.gz.

File metadata

  • Download URL: subsurfer-1.2.4.tar.gz
  • Upload date:
  • Size: 33.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for subsurfer-1.2.4.tar.gz
Algorithm Hash digest
SHA256 6fd4aa9b531ddc9e924e07d39c95d9fd516718ebc08d7eb5aba284b78244b382
MD5 7da58e79aed6b7c378a5560240c87ca9
BLAKE2b-256 9f1e8b70e5cd769cd729cae769a9e628a837fcd58fccb189ba6001f1aadd7c1b

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.4.tar.gz:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file subsurfer-1.2.4-py3-none-any.whl.

File metadata

  • Download URL: subsurfer-1.2.4-py3-none-any.whl
  • Upload date:
  • Size: 51.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for subsurfer-1.2.4-py3-none-any.whl
Algorithm Hash digest
SHA256 ce29a8189807873a82a5dbf1983ea103832a4f6dda3b4e2dda7111fcfe694666
MD5 d4a3605ea15a248aa209354dd450f7b6
BLAKE2b-256 c790fb293c2148ed0457689cd8649585386f1f2e63f1c5b78b9a2932306b5a2c

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.4-py3-none-any.whl:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page