Subdomain enumeration is the process of finding valid (resolvable) subdomains for one or more domain(s). The general system is to use a dictionary of common names, trying to resolve them. These detected subdomains can reveal crucial information about the target, which might not be present in the main domain. Massc tool is a Nodejs language-based tool used to find the subdomains with 200 OK Status code. This tool is an open-source tool and free to use. Massc tool brute-forces the words from the default wordlists and sends the request to the target domain web server, if the webserver serves the request with the standard response, then the tool displays the subdomain with the 200 OK status code else there might be the absence of the specified subdomain the target domain server.
Features of Massc Tool:
- It enumerates the subdomain of the target domain.
- It is designed in the Node.js Language.
- It uses the wordlists to brute-force and detects subdomains.
- It is open-source and free to use the tool.
- It returns the subdomains with 200 OK Status code.
Installation of Massc Tool on Kali Linux OS: Make Sure You have already installed Node.js on your System, as this is a JavaScript-based tool. For node.js installation, check Installation of Node.js on Linux article.
Step 1: Check whether JS Environment is Established or not, use the following command.
nodejs --version
Step 2: Open up your Kali Linux terminal and move to Desktop using the following command.
cd Desktop
Step 3: You are on Desktop, now create a new directory called Massc using the following command. In this directory, we will install the Massc tool.
mkdir Massc
Step 4: Now switch to Massc directory using the following command.
cd Massc
Step 5: Now you have to install the tool. You have to clone the tool from GitHub.
git clone https://github.com/radenvodka/massc.git
Step 6: The tool has been downloaded successfully in the Massc directory. Now list out the contents of the tool by using the below command.
ls
Step 7: You can observe that there is a new directory created of the Massc tool that has been generated while we were installing the tool. Now move to that directory using the below command:
cd massc
Step 8: Once again to discover the contents of the tool, use the below command.
ls
Step 9: Run the massc.js file with the target domain URL for getting the Subdomains.
nodejs massc.js geeksforgeeks.org
Working with Massc Tool on Kali Linux OS:
Example: neveropen Target
nodejs massc.js geeksforgeeks.org
In this example, we will be detecting or finding the subdomains of geeksforgeeks.org form wordlists which is provided by default with the tool. In the below screenshot, We have displayed the contents or the keywords which will be brute-forced for finding the subdomains.
Wordlist content
In the below screenshot, You can see that Massc tool makes the request to the target domain and checks whether there is any responsibility for the specified word used to find the subdomain.
No Subdomains Detected Yet
In the below screenshot, you can see that geeksforgeeks.org has responded to the auth.geeksforgeeks.org subdomain. This subdomain actually exits on the geeksforgeeks.org server.
Subdomain Detected (1)
In the below Screenshot, we have got the campus.geeksforgeeks.org subdomain detected on the geeksforgeeks.org server.
Subdomain Detected (2)
In the below screenshot, we have got the marketing.geeksforgeeks.org subdomain detected on the geeksforgeeks.org server.
Subdomain Detected (3)
