What is Sublister and how does it works

Sublister OSINT

What does sublister do

Sublist3r (also known as Sublist3r.py) is an open-source Python tool designed to enumerate subdomains of a given domain. It uses various search engines (such as Google, Yahoo, Bing, and others) and web services to discover subdomains associated with the target domain. Sublist3r provides a quick and effective way to gather information about the subdomains, which can be useful for security assessments, bug bounty hunting, or reconnaissance purposes.

Working of Sublister

Sublist3r works by querying search engines and web services for subdomains related to the target domain. It uses API calls and web scraping techniques to gather this information. The tool then consolidates the obtained data and presents a list of discovered subdomains for further analysis.

Sublister used in Hacking and OSINT

Commands of Sublister

Install Sublist3r

Before using Sublist3r, you need to install it. You can do this using pip (Python package manager) by running

pip install sublist3r

Enumerate Subdomains

To enumerate subdomains for a specific target domain, use the following command

sublist3r -d example.com

Enumerate Subdomains with Multiple Search Engines

By default, Sublist3r uses multiple search engines. You can explicitly specify the search engines you want to use with the -e option, like this:

sublist3r -d example.com -e Google,Yahoo,Bing

Save Results to a File

To save the results to a file, use the -o option followed by the output file name. For example

sublist3r -d example.com -o output.txt

Brute Force Mode

Sublist3r also has a brute force mode to attempt to find subdomains by brute forcing. Use the -b option to enable this mode, like this:

sublist3r -d example.com -b

Specify a DNS Server:

You can specify a DNS server to be used for resolving subdomains by using the -r option, like this

sublist3r -d example.com -r

Show Help and Options

To see all available options and usage information, use the -h or --help option

sublist3r -h

How Sublister can be used in Hacking and OSINT

In Hacking:

  1. Reconnaissance and Footprinting: Hackers can use Sublist3r to gather information about the subdomains of a target domain as part of their reconnaissance process. By discovering subdomains, they may identify potentially vulnerable systems or services that could be exploited in subsequent stages of an attack.
  2. Exploitation: Sublist3r helps hackers identify overlooked subdomains, which might contain outdated or misconfigured services with known vulnerabilities. These subdomains can serve as potential entry points for exploitation.
  3. Social Engineering Attacks: Subdomains often contain various email addresses and personnel details. Hackers can leverage this information for social engineering attacks, such as spear-phishing, to target specific individuals within an organization.


  1. Information Gathering: Sublist3r is a valuable tool for OSINT researchers and security professionals looking to gather information about a target organization’s online presence. Subdomains might reveal services or infrastructure hosted by third-party vendors, exposing potential security risks.
  2. Vulnerability Assessments: Organizations can use Sublist3r in their vulnerability assessment processes. By identifying subdomains, they can assess the attack surface and evaluate the risk posed by exposed services.
  3. Asset Discovery: Sublist3r aids in asset discovery, helping organizations gain a comprehensive understanding of their digital footprint. This information can be used to strengthen security measures and improve overall cyber resilience.

Important Note: While Sublist3r is a valuable tool for information gathering, it’s essential to emphasize that using it for malicious purposes or without proper authorization is illegal and unethical. Both ethical hackers and OSINT researchers should only use Sublist3r with explicit permission from the target organization or within the bounds of the law. Responsible and ethical use of OSINT tools is crucial to maintaining a positive impact on cybersecurity and respecting the privacy and security of others.

Leave a Comment

Your email address will not be published. Required fields are marked *