Back to Toolkit
Recon
View Source>_Subdomain Harvester
Passive and active subdomain enumeration engine with DNS brute-force, certificate transparency log scraping, and Shodan integration.
Key Features
- CT Log Scraping: Pull all subdomains from Certificate Transparency logs in real-time
- DNS Brute Force: Configurable wordlist-based subdomain discovery with thread control
- Live Host Detection: Automatically validates which subdomains resolve and respond
- Shodan Integration: Cross-reference discovered subdomains against Shodan's index
Example Usage
$
odivex-tools recon --target example.com --passive$
odivex-tools recon --target example.com --bruteforce --wordlist all.txt$
odivex-tools recon --target example.com --shodan --api-key $SHODAN_KEYSetup
Install via the OdiVex CLI framework:
pip install odivex-toolsOverview
Subdomain Harvester is a multi-source passive and active reconnaissance tool designed for the initial footprinting phase of penetration tests and bug bounty campaigns. It aggregates data from Certificate Transparency logs, DNS brute-force, and threat intelligence APIs into a single, deduplicated output.
Output Formats
Results are available in JSON, CSV, and raw text for easy piping into other tools:
odivex-tools recon --target example.com --passive --output json > results.json
Integration with Other Tools
Chain with SSRF Probe for immediate vulnerability testing of discovered subdomains:
odivex-tools recon --target example.com --passive | \
odivex-tools ssrf --url-file /dev/stdin
Related Intelligence
Further exploration based on cross-referenced content.