1lo1lo1/subsurge
GitHub: 1lo1lo1/subsurge
一款无需 API 密钥的快速被动子域名枚举工具,并发查询多个免费数据源以提升侦察效率。
Stars: 0 | Forks: 0
# 🔍 subsurge
快速、被动子域名枚举 — **无需 API 密钥**。
subsurge 同时查询 **16 个免费数据源**,即时流式输出结果,并直接接入你的侦察流程。使用 Go 编写 — 单个二进制文件,无依赖。
## ⚡ 功能
- **16 个免费数据源** — 无需注册、无需 API 密钥
- **流式输出** — 结果到达即打印
- **通配符检测** — 自动丢弃误报
- **管道就绪** — `stdin` 输入,`stdout` 输出
- **多种格式** — 明文、JSON、静默
- **智能过滤** — 正则匹配/跳过、去重
## 📦 安装
### 方法 1:go install(推荐)
```
go install github.com/1lo1lo1/subsurge/cmd/subsurge@latest
Method 2: From Source
git clone https://github.com/1lo1lo1/subsurge.git
cd subsurge
go build -o subsurge cmd/subsurge/main.go
sudo mv subsurge /usr/local/bin/
🚀 Quick Start
# 基础扫描 — 无需设置!
subsurge -d example.com --free
# 静默模式用于管道传输
subsurge -d example.com --free --silent | httpx -silent
# 多域名
cat domains.txt | subsurge --free --silent | anew found.txt
# JSON 输出
subsurge -d example.com --free -f json -o results.json
🔧 Pipeline Examples
# 经典侦察
subsurge -d target.com --free --silent | dnsx -silent | httpx -silent | nuclei -t cves/
# 端口扫描
subsurge -d target.com --free --silent | naabu -silent
# 过滤暂存/开发环境
subsurge -d target.com --free --silent --match "(staging|dev|test|qa)\."
# 与 subfinder 结合
{ subfinder -d target.com -silent; subsurge -d target.com --free --silent; } | sort -u | dnsx -silent
📋 All Flags
| Flag | Description |
| ----------------------- | ----------------------------------- |
| `-d, --domain` | Target domain |
| `-l, --list` | File with domains |
| `-o, --output` | Save to file |
| `-f, --format` | Output: `plain`, `json`, `silent` |
| `--free` | **Only free sources (no API keys)** |
| `--silent` | Domains only, no banners |
| `--verbose` | Show source progress |
| `-m, --match` | Regex to include |
| `--filter` | Regex to exclude |
| `-e, --exclude-sources` | Skip specific sources |
| `--timeout` | HTTP timeout (default: 30s) |
🌐 Free Sources (No API Key)
| Source | Type |
| ------------ | ------------------------ |
| crt.sh | Certificate Transparency |
| certspotter | CT logs |
| hackertarget | DNS lookup |
| alienvault | OTX passive DNS |
| urlscan | Web scan index |
| threatcrowd | Threat intel |
| threatminer | Threat intel |
| anubis | Subdomain DB |
| rapiddns | DNS lookup |
| bufferover | FDNS dataset |
| dnsrepo | DNS repository |
| wayback | Internet Archive |
| commoncrawl | Web crawl index |
| dnsdumpster | DNS recon |
| sublist3r | Sublist3r API |
| leakix | Leaks DB (limited) |
🔑 Optional: API Keys (More Sources)
Want 27 total sources? Add API keys for deeper results:
# 生成配置模板
subsurge config
# 编辑:~/.config/subsurge/config.yaml
🏗️ Architecture
cmd/ → CLI entrypoint
internal/ → Core logic
├── filter/ → Deduplication, wildcards
├── output/ → Formatters
├── ratelimit/→ Token bucket
├── runner/ → Parallel orchestration
└── sources/ → 16 free + 11 keyed implementations
pkg/models/ → Shared types
🤝 Contributing
PRs welcome! Run go fmt ./... before submitting.
📜 License
MIT
```
标签:API安全, EVTX分析, Go语言, JSON输出, Linux安全, SEO, Spyse API, 免费数据源, 单二进制, 去重, 子域名枚举, 开源, 无API密钥, 无依赖, 日志审计, 智能过滤, 正则过滤, 流式输出, 程序破解, 管道就绪, 系统安全, 网络调试, 自动化, 被动枚举, 通配符检测, 静默模式