subbrute icon indicating copy to clipboard operation
subbrute copied to clipboard

Published 20 hours ago verified publisher icon TheRook

brute force is too slow!

Open marcelo321 opened this issue 4 years ago • 3 comments

Hello,

I shortened the wordlist to 1k subdomains and run the script again at 100 threads and still 15 minutes and keeps going...

that means that if i try the main wordlist of 130k subdomains it would take +5,40 hours

Is there any way to speed up this? what about the resolvers.txt? can i update it somehow? what type of resolvers and where should i look for them?

marcelo321 avatar Dec 23 '19 22:12 marcelo321

Hmm, yeah the resolvers.txt might need to be updated. It is a bit old. Let me re-generate it and do some tests. Thanks for the post.

On Mon, Dec 23, 2019 at 2:19 PM marcelo321 [email protected] wrote:

Hello,

I shortened the wordlist to 1k subdomains and run the script again at 100 threads and still 15 minutes and keeps going...

that means that if i try the main wordlist of 130k subdomains it would take +5,40 hours

Is there any way to speed up this? what about the resolvers.txt? can i update it somehow? what type of resolvers and where should i look for them?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/TheRook/subbrute/issues/72?email_source=notifications&email_token=AAD7MNY443FKI2K5VXNFUZ3Q2E2Q7A5CNFSM4J6YRY32YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4ICNBYHA, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAD7MN6ZPYJKCDHZBMVB7B3Q2E2Q7ANCNFSM4J6YRY3Q .

TheRook avatar Dec 24 '19 17:12 TheRook

Hello,

I've tried using the -t option to check some basic subdomains - all 1 letter subdomains in the range a-z0-9. I ran subbrute for about 2 hours and it produced no output. Would using a custom list of domain names help?

Radu

RaduNico avatar Oct 14 '20 21:10 RaduNico

Hi @RaduNico I am not a developer member of this project but I'm an avid penetration tester and i would highly suggest using a custom word list as it helps to narrow down the results also since this is a brute force tool the time it takes can be affected by many factors such as your internet speed, CPU/GPU power etc and you said you tried a-z0-9 that means your cpu and/or GPUs is trying to find every possible combo of every letter in the English language and every number 0-9 which is a lot of strain on any normal computer

0x00009b avatar Oct 16 '20 01:10 0x00009b