How to Make a Subdomain Scanner in Python? [Complete Guide] (2024)

Posted in PROGRAMMING LANGUAGE / PYTHON

How to Make a Subdomain Scanner in Python? [Complete Guide] (1)

How to Make a Subdomain Scanner in Python? [Complete Guide] (2)

Vinay Khatri
Last updated on August 1, 2024

This tutorial details how to make a subdomain scanner in Python. Popular tech giants such as Google, Mozilla, Apple, and Meta not only have their official websites with various domain names but also support many subdomains for their various products and services.

For example, facebook.com has a subdomain https://developers.facebook.com/ that provides a platform for developers across the globe to communicate and contribute to Meta.

Similarly, the social media giant has many subdomains for all the services and products it offers.

In this Python tutorial, we will learn how to list out all the subdomains offered by a domain in Python . However, before we discuss the Python program, let's discuss the libraries and other dependencies we will be using for this tutorial.

Required Libraries and Files

1) Python requests Library

In this tutorial, we will be using the de-facto Python library for HTTP requests, i.e., the requests library to handle HTTP requests. Using requests, we will send the get request to the prospect subdomain URLs and check if the subdomain for the domain exists or not.

To install the requests library for your Python environment, run the following pip install command on your terminal or command prompt:

pip install requests

2) Python colorama Library (Optional)

colorama is an open-source Python library that is used to produce colorful terminal text. In this tutorial, we will be using this library to print the output text in a colored format. You can install the colorama library for your Python environment using the following pip install command:

pip install colorama

3) subdomains.txt File

To find out all the subdomains of a domain, we will use brute force techniques, in which we will send the GET request to all the combinations of subdomain URLs, and based on the success response, we will print the available subdomains. You can copy and paste the suffix for all possible subdomain from our GitHub repository and save it locally as subdomains.txt .

We would recommend you save the subdomains.txt file in the same directory where your Python script is located.

Now, it's time to open your best Python IDE or text editor and start coding.

How to Make a Subdomain Scanner in Python?

We will start with importing the required modules.

import requestsfrom colorama import Fore#for windowsfrom colorama import initinit()

If you are on a Windows system, you need to initialize colorama by calling the init() method. It will not have any effect on macOS and Linux. Now, let's define an identifier url that represents the domain name for which we want to find all the subdomains.

# the domain to scan for subdomainsdomain = "facebook.com"

In this tutorial, we are finding all the subdomains offered by facebook.com. Next, we will open the subdomains.txt file in the read "r" mode, read the subdomains line by line, create the subdomain URL with the help of subdomain and domain, and send GET request to the subdomain URL.

with open(filename, "r") as file: for subdomain in file.readlines(): # define subdomain url subdomain_url = f"https://{subdomain.strip()}.{domain}" try: response = requests.get(subdomain_url) #200 success code if response.status_code==200: print(Fore.GREEN +f"Subdomain Found [+]: {subdomain_url}") except: pass
  • The readlines() function will read the file line by line.
  • strip() will remove the unnecessary space and new line from the subdomain string.
  • The get() function will send the GET request to the specified URL.
  • status_code returns an integer value for the response status.

Finally, put all the code together and execute.

Python Program to Find Subdomains

import requestsfrom colorama import Fore#initialize colorama for windowsfrom colorama import initinit()# the domain to scan for subdomainsdomain = "facebook.com"#https://github.com/KHATRIVINAY1/data/blob/main/subdomains.txtfilename="subdomains.txt"with open(filename, "r") as file: for subdomain in file.readlines(): # define subdomain url subdomain_url = f"https://{subdomain.strip()}.{domain}" try: response = requests.get(subdomain_url) #200 success code if response.status_code==200: print(Fore.GREEN +f"Subdomain Found [+]: {subdomain_url}") except: pass 

Output

How to Make a Subdomain Scanner in Python? [Complete Guide] (3)

Conclusion

In this Python tutorial, we learned how to make a subdomain scanner in Python. When you execute the above program, it might take a few minutes to print out all the subdomains offered by Facebook.com.

If you want your program to run faster, you can use multithreading in Python .

People are also reading:

  • Best Python GUI Frameworks
  • Parse Data From JSON Into Python
  • Delete a File in Python
  • Update All Python Packages
  • How to loop with indexes in Python?
  • Python list vs. Tuple
  • Best Python Data Visualization Libraries
  • Python Modulo in Practice
  • Python Data Visualization
How to Make a Subdomain Scanner in Python? [Complete Guide] (2024)

FAQs

How to make a scanner in Python? ›

Creating a port scanner with Python

Open up your Kali terminal or any Linux terminal and let's go. I'm going to show you the basics of how we write a very fundamental Python script — a basic port scanner. I want you to begin by just copying the code. Follow along, and write down exactly what I'm writing in my script.

What is subdomain scanner? ›

A Subdomain Finder is a subdomain enumeration tool that helps you discover subdomain hosts (aka subdomain FQDNs) which serve specific functions for your target (e.g. hosting public websites, private subdomains for testing web apps, URLs where you can find backups, etc.).

How to create a Scanner? ›

Create a Scanner Object in Java

Once we import the package, here is how we can create Scanner objects. // read input from the input stream Scanner sc1 = new Scanner(InputStream input); // read input from files Scanner sc2 = new Scanner(File file); // read input from a string Scanner sc3 = new Scanner(String str);

Does Python have scanners? ›

Scanning in Python can be done using libraries, such as Scapy, which provide tools for analyzing and manipulating network data packets.

What is a subdomain example? ›

Subdomains are also commonly used to separate a section of a website from the main site. For example, blog.hubspot.com and shop.hubspot.com direct to our blog and online store respectively.

What is subdomain hijacking? ›

It's a cyber threat executed when an attacker gains control of a legitimate subdomain that's no longer in use, then cleverly exploits the forgotten or misconfigured dangling DNS to host their own content on the previously used zone.

What is scan () in Python? ›

What is scan in Python? Python scan is a method used to analyze network traffic in real time. It consists of going through the information of a network in search of data packets that contain important information, such as IP addresses and ports.

Top Articles
Latest Posts
Article information

Author: Prof. An Powlowski

Last Updated:

Views: 5353

Rating: 4.3 / 5 (64 voted)

Reviews: 95% of readers found this page helpful

Author information

Name: Prof. An Powlowski

Birthday: 1992-09-29

Address: Apt. 994 8891 Orval Hill, Brittnyburgh, AZ 41023-0398

Phone: +26417467956738

Job: District Marketing Strategist

Hobby: Embroidery, Bodybuilding, Motor sports, Amateur radio, Wood carving, Whittling, Air sports

Introduction: My name is Prof. An Powlowski, I am a charming, helpful, attractive, good, graceful, thoughtful, vast person who loves writing and wants to share my knowledge and understanding with you.