Working with Dome Tool on Kali Linux OS

Example 1: Perform active and passive scan, show the IP address of each subdomain and make a port scan using top-web-ports. Data will also be written in /the results folder

python3 dome.py -m active -d w3wiki.org -w wordlists/wordlist.txt -i –top-web-ports -o

In this example, we are performing a simple scan on the w3wiki.org domain which will give us the subdomains and the tool will also check the top ports.

We have got the list of subdomains of w3wiki.org.

Example 2: Perform passive scan in silent mode and write output to files

python3 dome.py -m passive -d w3wiki.org –silent –output

In this example, we are performing a silent scan without any run-time messages or logs.

Our results are saved in the results directory with various files.

We have displayed the results_w3wiki.html file which shows the list of subdomains.

Example 3: Only Bruteforce with the wordlist

python3 dome.py -m active -d w3wiki.org -w wordlists/subdomains-5000.txt –no-bruteforce

In this example, we are brute-forcing the subdomain scan by using the wordlist (subdomains-5000.txt).

Example 4: Scan active and passive and perform port scan ONLY in ports 22,80,3306

python3 dome.py -m active -d w3wiki.org -w wordlists/top1million.txt -p 22,80,3306

In this example, we are checking for the specific ports on the target domain.

We have got the list of open ports and the subdomains.

Dome is an automated cyber-security tool developed in the Python language that is used in the process of subdomain enumerations. This subdomain can be tested for getting the bugs out of it. The Dome tool has an active and passive mode for the enumeration process. Dome tool is available on the GitHub platform for free and is open source to use. This tool is highly recommended for security researchers and bug bounty hunters.