Discover and explore top open-source AI tools and projects—updated daily.
SubGPT by 
s0md3v
CLI tool for AI-powered subdomain discovery
Top 79.8% on SourcePulse
SubGPT is a tool designed to discover new subdomains for a given domain by leveraging AI, specifically BingGPT. It's intended for security researchers and penetration testers who have already gathered an initial set of subdomains and want to expand their scope using AI-generated possibilities. The primary benefit is uncovering subdomains that traditional enumeration methods might miss.
How It Works
SubGPT takes an existing list of subdomains for a target domain and feeds them to BingGPT. The AI model then generates new, plausible subdomains based on the input patterns. These generated subdomains are subsequently checked against A/CNAME records to verify their existence. This AI-driven approach allows it to discover subdomains that are contextually relevant and potentially overlooked by brute-force or dictionary-based tools.
Quick Start & Requirements
- Install:
pip install subgptorgit clone https://github.com/s0md3v/SubGPT && cd SubGPT && python setup.py install - Requirements: A Bing cookie obtained via a browser extension (e.g., Chrome, Firefox) and saved to a JSON file.
- Usage:
subgpt -i input.txt -o output.txt -c /path/to/cookies.json - More info: Bing Cookie, Usage
Highlighted Details
- Utilizes AI (BingGPT) for subdomain generation, aiming for contextually relevant discoveries.
- Verifies subdomain existence via A/CNAME records.
- Automatically detects and handles wildcard subdomains.
- Performance: Approximately 45 seconds for every 80 subdomains.
Maintenance & Community
- Developed by s0md3v.
- Issues related to BingGPT should be reported to the EdgeGPT project.
Licensing & Compatibility
- License: Not explicitly stated in the README.
- Compatibility: Designed for use with existing subdomain lists.
Limitations & Caveats
The tool is subject to Bing's daily usage limits and is slower than traditional subdomain enumeration tools. It cannot replace established generators like gotator or alterx. The effectiveness is dependent on the quality of the initial subdomain list and the AI's ability to infer relevant patterns.
1 year ago
Inactive
Explore Similar Projects
hadriansecurity
ARPSyndicate
Bandit-HaxUnit
b0o
Ground-Zerro
tb0hdan
ha0z1
Chip Huyen(Author of "AI Engineering", "Designing Machine Learning Systems") and 
Simon Willison(Coauthor of Django).semantra by 
freedmand
d3mondev
Omar Sanseviero(DevRel at Google DeepMind), 
Luca Soldaini(Research Scientist at Ai2), and 
oramasearch
yogeshojha