How to Setup Sublist3r – Fast Subdomains Enumeration Tool

How to Setup Sublist3r – Fast Subdomains Enumeration Tool

Hello friends today will be walking about a really simple and powerful tool to gather sub-domains of the site. I will show you How to Setup Sublist3r – Fast Subdomains Enumeration Tool  .

About Sublist3r

Sublist3r is python tool that is designed to enumerate subdomains of websites through various OSINT sources. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r currenly supports many search engines such as Google, Yahoo, Bing, Baidu, and Ask. More search engines may be added in the future. Sublist3r also gathers subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and PassiveDNS.

subbrute was integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce with an improved wordlist. The credit goes to TheRook who is the author of subbrute.

Source : –

Installing Sublist3r:-

Download Sublist3r or Clone it using Git. from here :

Sublist3r depends on the requests, dnspython and argparse python modules.

These dependencies can be installed using the requirements file:

  • Installation on Windows:
c:\sublist3r\pip install -r requirements.txt
  • Installation on Linux
sudo pip install -r requirements.txt

These modules can be installed manually to for that you need to type these commands:-

For Linux :-

sudo pip install requests
 sudo pip install dnspython
 sudo pip install argparse

For Windows :-

 pip install requests
 pip install dnspython
 pip install argparse


Short FormLong FormDescription
-d–domainDomain name to enumerate subdomains of
-b–bruteforceEnable the subbrute bruteforce module
-p–portsScan the found subdomains against specific tcp ports
-v–verboseEnable the verbose mode and display results in realtime
-t–threadsNumber of threads to use for subbrute bruteforce
-e–enginesSpecify a comma-separated list of search engines
-o–outputSave the results to text file
-h–helpshow the help message and exit


  1. Nothing makes me feel better about using an ad-blocker than when I find a garbage site like this, one that rephrases the README file to try to get ad dollars, without providing any value, and probably even less than if the people who think they’re in infosec now because they run Metasploit actually bothered to do their own reading.


Please enter your comment!
Please enter your name here