Red Teaming and Web Bug Bounty Fast Asset Identification Tool

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

🏄‍♂️ SubSurfer

Python Version License Version

SubSurfer is a fast and efficient subdomain enumeration and web property identification tool. alt text


🌟 Features

  • Red Team/Bug Bounty Support: Useful for both red team operations and web bug bounty projects
  • High-Performance Scanning: Fast subdomain enumeration using asynchronous and parallel processing
  • Port Scanning: Expand asset scanning range with customizable port selection
  • Web Service Identification: Gather environmental details such as web servers and technology stacks
  • Pipeline Integration: Supports integration with other tools using -pipeweb and -pipesub options
  • Modular Design: Can be imported and used as a Python module
  • Continuous Updates: - Continuous Updates: New passive/active modules will continue to be added

🚀 Installation

bash

git clone https://github.com/arrester/subsurfer.git
cd subsurfer

or

Python

pip install subsurfer

📖 Usage

CLI Mode

Basic Scan
subsurfer -t vulnweb.com

Enable Active Scanning
subsurfer -t vulnweb.com -a

Include Port Scanning
subsurfer -t vulnweb.com -dp # Default Port
subsurfer -t vulnweb.com -p 80,443,8080-8090 # Custom ports

Pipeline Output
subsurfer -t vulnweb.com -pipeweb # Output only web server
subsurfer -t vulnweb.com -pipesub # Output only subdomain results

Using as a Python Module

Subdomain Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1,
        active=False            # Active Scan Option
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Print results
    print(f"Discovered Subdomains: {len(subdomains)}개")
    for subdomain in sorted(subdomains):
        print(subdomain)

if __name__ == "__main__":
    asyncio.run(main())

Port Scan

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController(
        target="vulnweb.com",
        verbose=1
    )
    
    # Collect subdomains
    subdomains = await controller.collect_subdomains()
    
    # Default ports (80, 443)
    ports = None

    # Set port scan options
    # ports = controller.parse_ports()  # Default ports
    # Or specify custom ports
    # ports = controller.parse_ports("80,443,8080-8090")
    
    # Web service scanning
    web_services = await controller.scan_web_services(subdomains, ports)
    
    # Print web servers
    print("\n웹 서버:")
    for server in sorted(web_services['web_servers']):
        print(f"https://{server}")
    
    # Print active services
    print("\n활성화된 서비스:")
    for service in sorted(web_services['enabled_services']):
        print(service)
        
    # Print discovered URLs and ports
    print("\n발견된 URL:")
    for subdomain, urls in web_services['all_urls'].items():
        for url, port in urls:
            print(f"{url}:{port}")

if __name__ == "__main__":
    asyncio.run(main())

Result Save

from subsurfer.core.controller.controller import SubSurferController
import asyncio

async def main():
    controller = SubSurferController("vulnweb.com")
    
    # Collect subdomains and scan web services
    subdomains = await controller.collect_subdomains()
    web_services = await controller.scan_web_services(subdomains)
    
    # Save results
    results_dict = {
        'subdomains': subdomains,
        'web_services': web_services.get('web_services', {}),
        'web_servers': web_services.get('web_servers', set()),
        'enabled_services': web_services.get('enabled_services', set()),
        'all_urls': web_services.get('all_urls', {})  # Includes URL and port information
    }
    
    # Generate default result file path (stored in the "results" directory)
    output_path = controller.get_output_path()
    controller.save_results(results_dict, output_path)

if __name__ == "__main__":
    asyncio.run(main())

🧪 Testing

Passive Handler Test

pytest tests/handlers/test_passive_handler.py -v


Active Handler Test

pytest tests/handlers/test_active_handler.py -v


🗺️ To-Do List

Version 1.5

  • Add new passive modules
  • Add Cloud Detect modules

Version 2.0

  • Add AI Recon Model

📋 Requirements

  • Recommended: Python 3.13.0 or later
  • aiohttp
  • rich
  • pytest (for testing)

📝 License

MIT License

🤝 Contributions

Bug Report, Feature Suggestions, Issue Report

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for arrester from gravatar.com arrester
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: arrester
  • Tags security , subdomain enumeration , bug bounty , red team , web security
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

1.2.7

1.2.6

This version

1.2.5

1.2.4

1.2.3

1.2.2

1.0

0.3.1

0.3

0.2.7

0.2.6

0.2.4

0.2.3

0.2.2

0.2

0.1.8

0.1.7

0.1.6

0.1.5

0.1.3

0.1.2

0.1.1

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

subsurfer-1.2.5.tar.gz (33.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

subsurfer-1.2.5-py3-none-any.whl (51.8 kB view details)

Uploaded Python 3

File details

Details for the file subsurfer-1.2.5.tar.gz.

File metadata

  • Download URL: subsurfer-1.2.5.tar.gz
  • Upload date:
  • Size: 33.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for subsurfer-1.2.5.tar.gz
Algorithm Hash digest
SHA256 40d611f99e4702609131b498e16eba3028f0986168dd15055079f1e6f00ef22c
MD5 b2c2d10352ca1a509afd1710c6945d17
BLAKE2b-256 ddbe549a8304974089cce1453274b95c99fa7a640a769365a53607084f5f3e44

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.5.tar.gz:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file subsurfer-1.2.5-py3-none-any.whl.

File metadata

  • Download URL: subsurfer-1.2.5-py3-none-any.whl
  • Upload date:
  • Size: 51.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for subsurfer-1.2.5-py3-none-any.whl
Algorithm Hash digest
SHA256 4145d36cc998b51073d40717dbeed9fe90d0f6ad4c4ae6be8fa8a3c7e51f9136
MD5 cda42696dac999d83249b4d19facedfe
BLAKE2b-256 b3e45ad0099d4391a982e3f04459873f661e2172d4a5166cde61deee288129ee

See more details on using hashes here.

Provenance

The following attestation bundles were made for subsurfer-1.2.5-py3-none-any.whl:

Publisher: publish.yml on arrester/SubSurfer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page