Simple python script to scan for sub domains.

I have now included a smallish wordlist to get you started, from here

Any suggestions very welcome.



You will need python3 & requests module installed to use.

sudo apt updtae && sudo apt install python3-pip

pip3 install requests

git clone

cd subd0my && python3


Just follow the on screen prompts & path to wordlist including the .extension if any. If you have a word list in the same directory as the script then just pass the full name. Give it time to run your list, output file can have an extension thats upto you & it outputs the results as list.

If running in windows please use absolute path to word list even if it is the same directory as the script.

CREDITS for the file output help. for the wordlists.


View Github