ksubdomain Subdomain Brute

Trust Score 77/100

High-speed, stateless subdomain brute-force and verification using ksubdomain; optimized for large-scale discovery and validation where raw-socket performance a

triggers:subdomain brute forceksubdomainsubdomain enumerationdns validationhigh-speed subdomain discovery

GitHub SKILL.md

What it does

ksubdomain-brute documents how to use ksubdomain — a stateless, raw-socket subdomain brute-forcing and verification tool — to discover and validate large numbers of subdomains at very high speed. The skill covers two primary modes (verify and enum), bandwidth control, resolver configuration, and practical command examples for integrating with tools like subfinder. It’s intended for large-scale reconnaissance and validation workflows where speed and throughput are essential.

When to use it

Use this skill when you need to validate or enumerate large subdomain lists quickly (e.g., pentest target mapping, large-scope asset discovery, or automated verification of enumerated lists). Prefer ksubdomain when raw-socket performance or extreme throughput matters and when you can run with elevated privileges (root) and control bandwidth to avoid network disruption.

What's included

Scripts: none embedded, but the skill provides concrete CLI recipes for verify and enum modes (examples for integration with subfinder).
References: links to the upstream project (https://github.com/boy-hack/ksubdomain) mentioned in the skill body.
Instructions: phased guidance — Phase 1 (verification of lists), Phase 2 (enumeration with custom dictionaries and retries), Phase 3 (advanced options like custom resolvers, silent output, and high-bandwidth settings). Includes sample commands for bandwidth control and combining with subfinder.

Compatible agents

{}

Audit Summary

A subdomain brute-force skill using ksubdomain, a high-speed stateless DNS enumeration tool. The SKILL.md is well-organized into verification and enumeration phases with practical command examples. No bundled scripts to execute. The skill is targeted at pentesters and requires root/sudo privileges. Documentation is in Chinese, which limits accessibility for a broader audience.

Watch Out

Requires root/sudo privileges to run ksubdomain (raw socket access)
Documentation is entirely in Chinese
Requires ksubdomain binary to be pre-installed

Notes

Pentest/recon tool — inherently offensive in nature but legitimate for security professionals. No malicious patterns detected (no exfiltration, no credential harvesting, no backdoors). Sudo usage is required by ksubdomain's raw socket design, not a red flag in context.

Information

Repository: aboutsecurity
Stars: 1,200
Installs: 0

Trust Score

Overall77

Security90

Code Quality68

Architecture60

Usefulness55

More from aboutsecurity

Command Injection Methodology

Comprehensive methodology for detecting, exploiting, and bypassing OS command injection, including blind extraction and output-filtering workarounds.

CTF Reverse Engineering

Practical reverse-engineering techniques for CTFs: static & dynamic analysis, anti-debug bypasses, custom VM handling, and multi-platform tooling.

Related Skills

Retriever (Membrane CLI)

Integrate Retriever search and discovery via the Membrane CLI — manage connections and run queries across Retriever data sources.

Reverse Engineer

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

Sandbox0 Integration

Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.

GraphQL Inspector — Validate

Validate GraphQL operations against a schema with configurable depth, complexity, alias and directive limits to catch errors before runtime.

Alpha Forge Pre-Ship Quality Gates

Pre-merge quality gates for PRs that validate RNG determinism, forked URLs, runtime parameter ranges, and manifest synchronization to reduce review cycles.

CTF Write-up Generator

Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

Evolve — Goal-Driven Improvement Loop

Autonomous improvement loop that selects high-value work, runs a full research-plan-implement (/rpi) cycle, validates changes, and repeats to compound repo impr

Azure External Attack Surface Management

Provides expert guidance for Azure External Attack Surface Management (EASM): quotas, configuration, integrations, and exporting inventory to analytics platform

Back to Skills