🔍 Subdomain Finder

We analyze Certificate Transparency logs, DNS records, and other public sources to find subdomains. This passive reconnaissance doesn't actively probe target systems, making it safe and non-intrusive.

Security professionals use subdomain enumeration to identify attack surface and forgotten assets. Researchers and competitors use it to understand an organization's infrastructure. It's also useful for SEO analysis and due diligence.

We find publicly visible subdomains from Certificate Transparency logs and DNS. Internal or private subdomains that never appear in public certificates won't be discovered by this passive method.

Yes! Use GET /v1/subdomains?domain=example.com for programmatic access. Ideal for security tools, asset inventory systems, and reconnaissance automation. View API documentation.