DSInt is a comprehensive reconnaissance tool for domain intelligence gathering and subdomain enumeration. It combines the power of multiple tools (Amass, Subfinder, DNSenum, Sublist3r, and MassDNS) to discover and validate subdomains, map IP addresses, and provide detailed reports.
This tool is designed to help security professionals, bug bounty hunters, and penetration testers streamline their reconnaissance process with a unified command-line interface for various subdomain discovery techniques.
- Overview
- Features
- Installation
- Usage
- Output Files
- Screenshots
- License
- Contributing
- Acknowledgements
- Disclaimer
- Multiple Discovery Methods: Combines results from Amass, Subfinder, DNSenum, and Sublist3r
- MassDNS Integration: Validates subdomains through DNS resolution
- Dictionary-based Discovery: Includes bruteforce subdomain discovery with custom wordlists
- IP Mapping: Maps discovered subdomains to their IP addresses
- Recursive Enumeration: Option to recursively enumerate discovered subdomains
- Structured Output: Generates organized, readable reports
- Rich Visualizations: Beautiful terminal output with progress indicators
- Flexible Verbosity: Control the amount of output detail
- Email Security Analysis: Checks for SPF, DKIM, and DMARC records to evaluate email spoofing protection
- Python 3.6 or higher
- The following tools installed and in your PATH:
-
Clone the repository:
git clone https://github.com/fredycibersec/DSInt.git cd DSInt -
Install Python dependencies:
pip install -r requirements.txt
-
Verify installation:
python domain_recon.py --version
The requirements.txt file includes:
- rich==13.4.2 - For beautiful terminal output
- requests==2.31.0 - For HTTP requests
- dnspython==2.3.0 - For DNS operations
python domain_recon.py example.comThis will:
- Run all configured subdomain discovery tools
- Validate discovered subdomains with MassDNS
- Map IP addresses to discovered subdomains
- Generate reports in the
results/example.com_TIMESTAMP/directory
# Run with increased verbosity
python3 domain_recon.py example.com -v
# Run with minimal output
python3 domain_recon.py example.com -q
# Specify IP address mode (for IP reconnaissance)
python3 domain_recon.py 192.168.1.1 --ip
# Enable recursive enumeration (enumerate discovered subdomains)
python3 domain_recon.py example.com --recursive
# Skip MassDNS verification stage
python3 domain_recon.py example.com --no-massdns
# Use custom output directory
python3 domain_recon.py example.com --output-dir custom_folder
# Use custom wordlist for dictionary-based discovery
python3 domain_recon.py example.com --wordlist path/to/wordlist.txt
# Skip dictionary-based subdomain discovery
python3 domain_recon.py example.com --skip-wordlist
# Run only specific tools
python3 domain_recon.py example.com --tools amass,subfinder
# Check email security records (SPF, DKIM, DMARC)
python3 domain_recon.py example.com --check-email-security
# Export results to specific formats
python3 domain_recon.py example.com --export json,csvResults are saved in the results/[domain]_[timestamp]/ directory:
| File | Description |
|---|---|
[domain]_subdomains.txt |
Complete list of all discovered subdomains |
[domain]_results.json |
Detailed JSON results including tool-specific findings and email security analysis (when enabled) |
[domain]_summary.txt |
Human-readable summary of findings including email security analysis (when enabled) |
[domain]_ip_mapping.json |
JSON mapping of IPs to associated domains |
[domain]_ip_mapping.txt |
Human-readable IP to domain mapping |
Sample output:
results/example.com_20230621_120145/
βββ example.com_subdomains.txt
βββ example.com_results.json
βββ example.com_summary.txt
βββ example.com_ip_mapping.json
βββ example.com_ip_mapping.txt
DSInt in action showing subdomain discovery process
This project is licensed under the MIT License - see the LICENSE file for details.
Contributions are welcome! Here's how you can contribute:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Please make sure to update tests as appropriate and follow the code style guidelines.
- The developers of Amass, Subfinder, DNSenum, Sublist3r, and MassDNS
- The Rich library for beautiful terminal output
- All open-source contributors who make tools like this possible
This tool is provided for educational and legal security assessment purposes only. Always obtain proper authorization before conducting security testing against any domain or system.
Misuse of this tool can lead to legal consequences. The authors and contributors are not responsible for any misuse or damage caused by this program.
- Amass - In-depth Attack Surface Mapping and Asset Discovery
- Subfinder - A subdomain discovery tool
- MassDNS - A high-performance DNS stub resolver
Made with β€οΈ by SaruMan