AdamsRecon

A Comprehensive Subdomain Enumeration Script - Inspired by Heath Adams (TCM Security) and the PJPT course

AdamsScan is an automated subdomain enumeration script that utilizes multiple popular tools and APIs like Sublist3r, Amass, Subfinder, Findomain, crt.sh and TheHarvester. It helps security researchers discover subdomains, gather valuable information, and streamline passive reconnaissance for security assessments. Designed during TCM Security's PJPT training, this tool streamlines early-stage penetration testing workflows.

Note: Before using AdamsRecon, ensure that you have the latest versions of all required tools installed. Keeping these tools up to date ensures optimal performance and compatibility with the script.

✨ Features

Integrated Tool Suite:

• Combines 6+ reconnaissance tools
• Smart Validation: Auto-filter subdomains belonging to target
• Multi-Data Extraction: IPs, Emails, ASNs, and more
• API Integration: Supports 14+ TheHarvester data sources
• Live Subdomain Verification: Powered by httpx
• Color-Coded Workflow: Easy-to-read terminal output
• Custom Parsing: Organized output structure

Usage

cd AdamsRecon

chmod +x adamsrecon.py

./AdamsRecon.py

Prerequisites & Required System Tools:

AdamsRecon requires Python 3.6 or higher to run.

🛠 Installation

Run the following command to install the latest version:

git clone https://github.com/hehacksdark/AdamsRecon.git

Install dependencies

sudo apt install python3-pip git

Install required tools

pip3 install sublist3r theHarvester httpx findomain amass

go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest

Workflow

1. Enter target domain (e.g., example.com)
2. Select tools (comma-separated numbers)
3. Configure API keys if using TheHarvester
4. Review results in /subdomains directory

Output Files

• combined_subdomains.txt: All validated subdomains
• live_subdomains.txt: Verified active domains
• TheHarvester Data:
  - theharvester_emails.txt
  - theharvester_ips.txt
  - theharvester_asns.txt

🔧 Configuration

API Keys (Optional)

Set environment variables for TheHarvester integrations:

# Example for Shodan
export SHODAN_API_KEY="your_key_here"

See full list in Configuration Guide

📂 Output Structure

📦 results/
├── 📄 combined_subdomains.txt
├── 📄 live_subdomains.txt
          └── 📁 subdomains/
           ├── 📄 amass.txt
           ├── 📄 sublist3r.txt
           ├── 📄 subfinder.txt
           ├── 📄 findomain.txt
           ├── 📄 theharvester_*.txt
           ├── 📄 crtsh.txt
           └── 📄 cleaned.txt

🤝 Contributing

1. Fork the repository
2. Push branch (git push origin feature/improvement)
3. Open Pull Request

⚠️ Disclaimer

Use Responsibly! This tool is for:

• Authorized penetration testing
• Educational purposes
• Security research
• Developers assume no liability for unauthorized/malicious use.

📜 License

GNU General Public License v1.0

What’s next? 🚀

I’m already working on AdamsRecon Version 1.1, which will include:

• New Tools: WaybackURL and a tool to capture screenshots of subdomain pages.
• Interactive Features: Customizable commands and options for each selected tool.
• Even more structured output: Better data categorization for deeper insights

Stay tuned for the update! It's coming soon, and I can't wait to share it with you. 🛠️

🙏 Acknowledgments

• Heath Adams/TCM Security for inspiration - @hmaverickadams
• Open-source tool maintainers:

           - Sublist3r by @aboul3la.
           - Subfinder by ProjectDiscovery.
           - TheHarvester
           - Amass by OWASP
           - Findomain by @Edu4rdSHL.
           - httpx by ProjectDiscovery.