paint-brush
Introducing Anubis, a new subdomain enumerator and information gathering toolby@jonluca
1,348 reads
1,348 reads

Introducing Anubis, a new subdomain enumerator and information gathering tool

by JonLuca De CaroDecember 11th, 2017
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Named after the Egyptian god of finding lost things, <a href="https://github.com/jonluca/Anubis" target="_blank">Anubis</a> and <a href="https://github.com/jonluca/Anubis-DB" target="_blank">AnubisDB</a>, two companion projects, were created due to a lack of free and open APIs for <a href="https://hackernoon.com/tagged/sundomain" target="_blank">subdomain</a> enumeration. Subdomain enumeration is one of the first steps in the information gathering phase, and is required to get a full scope of the attack surfaces of your target.

Company Mentioned

Mention Thumbnail
featured image - Introducing Anubis, a new subdomain enumerator and information gathering tool
JonLuca De Caro HackerNoon profile picture

Named after the Egyptian god of finding lost things, Anubis and AnubisDB, two companion projects, were created due to a lack of free and open APIs for subdomain enumeration. Subdomain enumeration is one of the first steps in the information gathering phase, and is required to get a full scope of the attack surfaces of your target.

Anubis collates data from a variety of sources to provide one of the most comprehensive tools for subdomain enumeration. It pulls subdomains from public sources, indexed search results, and AnubisDB, a centralized, open API for subdomains.

Sample enumeration for medium.com

Additionally, Anubis is able to identify all key servers behind the domains, and output any IPs of interest. For instance, running the same command as above with the -p flag gives us all the unique resolved IP addresses, which allows a security researcher to get a more comprehensive idea of the scope of their target.

The unique IPs associated with the 40 domains above

Anubis is also able to extract information from less used, but potentially rewarding avenues, including DNSSEC subdomain lists and Zone Transfers.

More examples and a full documentation is available on the Anubis repo.