A high-performance Go tool for automating subdomain enumeration across multiple domains using various techniques and sources by Thexnumb.
-
Multiple Data Sources: Collects subdomains from various sources including:
- AbuseIPDB WHOIS information
- Subdomain.center API
- Subfinder
- Chaos
- Certificate Transparency logs (crt.sh)
- GetAllUrls (gau)
- Wayback Machine
- Assetfinder
- Amass
-
Concurrent Processing: Uses Go routines for parallel execution of all modules
-
Flexible Input Options: Process a single domain or a list of domains from a file
-
Flexible Output Options: Output to stdout or save to a file
-
Deduplication: Ensures unique subdomains in the output
-
Filtering: Removes invalid and wildcard subdomains
Before installing THEXRECON, make sure you have the following prerequisites:
You need Go 1.18 or higher installed. If you don't have Go installed:
-
Linux/Mac:
# Download and install Go wget https://go.dev/dl/go1.20.4.linux-amd64.tar.gz sudo tar -C /usr/local -xzf go1.20.4.linux-amd64.tar.gz # Add Go to your PATH echo 'export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin' >> ~/.profile source ~/.profile
-
Windows: Download and install from https://go.dev/dl/
Additional requirements:
curlcommand-line tool (usually pre-installed on most systems)
Consider that you should put the API-Key of the CHAOS to the ~/.configs/chaos/config.yaml
go install github.com/thexnumb/thexrecon@latestThis will download, compile, and install the tool to your $GOPATH/bin directory, which should be in your PATH.
-
Clone the repository:
git clone https://github.com/thexnumb/thexrecon.git cd thexrecon -
Build the tool:
go build -o thexrecon
-
(Optional) Install to your GOPATH:
go install
The tool requires an AbuseIPDB session cookie for one of its modules. You have two ways to configure this:
-
Config file (recommended):
- Create a file named
.thexrecon.yamlin your home directory or in the current directory - Use the following format:
abuseipdb_session: "YOUR-SESSION-COOKIE-HERE"
- An example config file is provided as
/example/.thexrecon.yaml.example
- Create a file named
-
Source code (for manual installation):
- Open
main.goand update thedefaultConfigvariable
- Open
To get your AbuseIPDB session cookie:
- Log in to https://www.abuseipdb.com/
- Open developer tools (F12)
- Go to the Application tab
- Look for the
abuseipdb_sessioncookie and copy its value
If you installed with go install, you can run the tool directly:
thexrecon -u example.comIf you built it manually, run it with:
./thexrecon -u example.com| Option | Description |
|---|---|
-u domain.com |
Process a single domain |
-l domains.txt |
Process multiple domains from a file |
-o results.txt |
Save output to a file (otherwise outputs to stdout) |
-c |
Check dependencies and exit |
-v |
Show version information |
-h |
Show help information |
Process a single domain:
thexrecon -u example.comProcess multiple domains from a file:
thexrecon -l domains.txtSave output to a file:
thexrecon -u example.com -o results.txtCheck dependencies:
thexrecon -cIf using the -l option, create a text file with one domain per line:
example.com
example.org
other_example.net
Comments can be added by prefixing the line with #.
This tool is optimized for performance by:
- Using Go's concurrency model with goroutines
- Processing multiple sources in parallel
- Efficiently handling and filtering results
You can easily extend the tool by adding new modules in the main.go file.
- Some functions (like
CrtSh) require network access to external services - The script includes error handling to prevent failures if a particular source is unavailable
- Respect rate limits of the services you're querying to avoid IP blocks
This project is licensed under the MIT License - see the LICENSE file for details.
