OneForAll is a powerful open-source tool designed for subdomain enumeration and mapping. It is used for identifying all the subdomains associated with a target domain, making it a valuable tool for security professionals and penetration testers. OneForAll helps in gathering OSINT (Open Source Intelligence), improving reconnaissance phases during web application assessments, and assisting in identifying vulnerabilities that may exist in subdomains of a target organization.
In this guide, we will walk you through the installation, configuration, and usage of OneForAll, covering its advanced features and providing practical examples for each step.
Table of Contents
What is OneForAll?
System Requirements
Installation
Installation on Linux
Installation on Windows (via WSL)
Installing Dependencies
Setting Up OneForAll
Basic Usage
Advanced Features and Options
Using Different Methods for Subdomain Enumeration
Custom Wordlist Integration
Multi-Threading Support
Exporting Results
Using OneForAll with Proxy
Troubleshooting
Conclusion
1. What is OneForAll?
OneForAll is a subdomain enumeration tool that performs subdomain brute-forcing and uses a variety of techniques to discover hidden subdomains for a given domain. The tool is designed to perform fast and accurate subdomain enumeration by utilizing multiple data sources, such as DNS records, APIs, and search engines.
Key Features:
Supports multiple subdomain enumeration techniques.
Built-in DNS resolution capabilities.
Ability to use custom wordlists for brute-forcing.
Output can be saved in various formats, such as JSON and CSV.
Multi-threaded for faster results.
2. System Requirements
Before installing OneForAll, ensure your system meets the following requirements:
Operating System: Linux (Ubuntu is recommended) or Windows (via WSL - Windows Subsystem for Linux)
Dependencies: Python 3.x, Git, and pip
Memory: At least 4 GB RAM
Disk Space: 500 MB free disk space
Python Libraries: Requests, BeautifulSoup4, dnspython, and other dependencies listed in requirements.txt
3. Installation
3.1 Installation on Linux (Ubuntu)
To install OneForAll on a Linux system (e.g., Ubuntu), follow these steps:
Install required dependencies: Update the package manager and install essential packages like Git, Python 3, and pip:
sudo apt update
sudo apt install -y git python3 python3-pip python3-dev
Clone the OneForAll repository: Navigate to the directory where you want to install OneForAll and clone the repository:
git clone https://github.com/shmilylty/OneForAll.git
cd OneForAll
Install Python dependencies: After cloning the repository, install all the required Python libraries using pip:
pip3 install -r requirements.txt
Start OneForAll: Once the installation is complete, you can run the tool:
python3 oneforall.py
3.2 Installation on Windows (via WSL)
For Windows users, OneForAll can be installed through WSL (Windows Subsystem for Linux).
Install WSL: Follow the official WSL installation guide to set up Ubuntu or another Linux distribution on Windows.
Install Git, Python, and pip: After setting up WSL and Ubuntu, install the required packages inside your WSL environment:
sudo apt update
sudo apt install -y git python3 python3-pip python3-dev
Clone the OneForAll repository: Clone the OneForAll repository from GitHub:
git clone https://github.com/shmilylty/OneForAll.git
cd OneForAll
Install Python dependencies: Install all the required Python libraries:
pip3 install -r requirements.txt
Run OneForAll: Execute the tool:
python3 oneforall.py
3.3 Installing Dependencies Manually
If you encounter any issues with the dependencies during installation, you can manually install them using pip:
pip3 install requests beautifulsoup4 dnspython
Ensure that you have all the required libraries installed before proceeding.
4. Setting Up OneForAll
After installation, you can configure OneForAll to run efficiently. There are various configuration files and options that allow you to customize the tool’s behavior.
Config File
In the OneForAll directory, you will find a config.py file. This file contains various configuration settings such as:
API keys: You can configure API keys for services like Shodan, Censys, and Virustotal to use their APIs for subdomain enumeration.
Brute-forcing settings: Adjust the number of threads and other brute-forcing parameters for more control over the speed and accuracy of the tool.
Open the config.py file and input your API keys and any other necessary settings.
5. Basic Usage
To run OneForAll for basic subdomain enumeration, simply pass the target domain as an argument.
Example:
python3 oneforall.py -d example.com
This will initiate a scan on the domain example.com and attempt to find all subdomains using multiple techniques.
6. Advanced Features and Options
6.1 Using Different Methods for Subdomain Enumeration
OneForAll supports several methods for subdomain enumeration. By default, it will use multiple techniques, including:
DNS Resolution
Search Engine Scraping
API Queries (e.g., Virustotal, Shodan, etc.)
Brute-Force (Wordlist-based)
You can select or disable specific methods using the -m flag. For example, to only use DNS resolution and skip brute-forcing, you can run:
python3 oneforall.py -d example.com -m dns,api
6.2 Custom Wordlist Integration
OneForAll allows you to use custom wordlists for brute-forcing subdomains. To specify a custom wordlist, use the -w flag:
python3 oneforall.py -d example.com -w /path/to/wordlist.txt
Make sure your wordlist contains common subdomain names or potential subdomains related to the target domain.
6.3 Multi-Threading Support
OneForAll supports multi-threading to speed up the enumeration process. You can adjust the number of threads using the -t option:
python3 oneforall.py -d example.com -t 50
This will use 50 threads to perform the scan. Be cautious when using a large number of threads, as it can lead to rate-limiting or blocking by the target domain.
7. Exporting Results
OneForAll allows you to export the results in various formats, including CSV, JSON, or plain text.
Example to export results to CSV:
python3 oneforall.py -d example.com -o csv
You can also specify a custom output file:
python3 oneforall.py -d example.com -o result.csv
8. Using OneForAll with Proxy
For anonymity or to bypass network restrictions, you can use a proxy with OneForAll. This can be done using the -p flag to specify the proxy settings:
Example:
python3 oneforall.py -d example.com -p http://127.0.0.1:8080
This will route all traffic through the specified proxy.
9. Troubleshooting
Common Issues and Solutions
API Key errors: If you see errors related to API keys (e.g., "Invalid API Key"), ensure that your API keys are correctly configured in the config.py file.
Rate-limiting or blocking: If the tool is blocked by the target server (especially when using search engines or APIs), consider using a proxy or adding delays between requests.
Dependencies not installed: Ensure that all dependencies are installed by running:
pip3 install -r requirements.txt
No subdomains found: If OneForAll finds no subdomains for the target, try using different methods or a more extensive wordlist.
10. Conclusion
OneForAll is a robust and flexible tool for subdomain enumeration that can help security professionals and penetration testers gather valuable information during the reconnaissance phase of security assessments. With multiple subdomain discovery techniques, customizable wordlists, and support for API integrations, OneForAll makes it
In this guide, we will walk you through the installation, configuration, and usage of OneForAll, covering its advanced features and providing practical examples for each step.
Table of Contents
What is OneForAll?
System Requirements
Installation
Installation on Linux
Installation on Windows (via WSL)
Installing Dependencies
Setting Up OneForAll
Basic Usage
Advanced Features and Options
Using Different Methods for Subdomain Enumeration
Custom Wordlist Integration
Multi-Threading Support
Exporting Results
Using OneForAll with Proxy
Troubleshooting
Conclusion
1. What is OneForAll?
OneForAll is a subdomain enumeration tool that performs subdomain brute-forcing and uses a variety of techniques to discover hidden subdomains for a given domain. The tool is designed to perform fast and accurate subdomain enumeration by utilizing multiple data sources, such as DNS records, APIs, and search engines.
Key Features:
Supports multiple subdomain enumeration techniques.
Built-in DNS resolution capabilities.
Ability to use custom wordlists for brute-forcing.
Output can be saved in various formats, such as JSON and CSV.
Multi-threaded for faster results.
2. System Requirements
Before installing OneForAll, ensure your system meets the following requirements:
Operating System: Linux (Ubuntu is recommended) or Windows (via WSL - Windows Subsystem for Linux)
Dependencies: Python 3.x, Git, and pip
Memory: At least 4 GB RAM
Disk Space: 500 MB free disk space
Python Libraries: Requests, BeautifulSoup4, dnspython, and other dependencies listed in requirements.txt
3. Installation
3.1 Installation on Linux (Ubuntu)
To install OneForAll on a Linux system (e.g., Ubuntu), follow these steps:
Install required dependencies: Update the package manager and install essential packages like Git, Python 3, and pip:
sudo apt update
sudo apt install -y git python3 python3-pip python3-dev
Clone the OneForAll repository: Navigate to the directory where you want to install OneForAll and clone the repository:
git clone https://github.com/shmilylty/OneForAll.git
cd OneForAll
Install Python dependencies: After cloning the repository, install all the required Python libraries using pip:
pip3 install -r requirements.txt
Start OneForAll: Once the installation is complete, you can run the tool:
python3 oneforall.py
3.2 Installation on Windows (via WSL)
For Windows users, OneForAll can be installed through WSL (Windows Subsystem for Linux).
Install WSL: Follow the official WSL installation guide to set up Ubuntu or another Linux distribution on Windows.
Install Git, Python, and pip: After setting up WSL and Ubuntu, install the required packages inside your WSL environment:
sudo apt update
sudo apt install -y git python3 python3-pip python3-dev
Clone the OneForAll repository: Clone the OneForAll repository from GitHub:
git clone https://github.com/shmilylty/OneForAll.git
cd OneForAll
Install Python dependencies: Install all the required Python libraries:
pip3 install -r requirements.txt
Run OneForAll: Execute the tool:
python3 oneforall.py
3.3 Installing Dependencies Manually
If you encounter any issues with the dependencies during installation, you can manually install them using pip:
pip3 install requests beautifulsoup4 dnspython
Ensure that you have all the required libraries installed before proceeding.
4. Setting Up OneForAll
After installation, you can configure OneForAll to run efficiently. There are various configuration files and options that allow you to customize the tool’s behavior.
Config File
In the OneForAll directory, you will find a config.py file. This file contains various configuration settings such as:
API keys: You can configure API keys for services like Shodan, Censys, and Virustotal to use their APIs for subdomain enumeration.
Brute-forcing settings: Adjust the number of threads and other brute-forcing parameters for more control over the speed and accuracy of the tool.
Open the config.py file and input your API keys and any other necessary settings.
5. Basic Usage
To run OneForAll for basic subdomain enumeration, simply pass the target domain as an argument.
Example:
python3 oneforall.py -d example.com
This will initiate a scan on the domain example.com and attempt to find all subdomains using multiple techniques.
6. Advanced Features and Options
6.1 Using Different Methods for Subdomain Enumeration
OneForAll supports several methods for subdomain enumeration. By default, it will use multiple techniques, including:
DNS Resolution
Search Engine Scraping
API Queries (e.g., Virustotal, Shodan, etc.)
Brute-Force (Wordlist-based)
You can select or disable specific methods using the -m flag. For example, to only use DNS resolution and skip brute-forcing, you can run:
python3 oneforall.py -d example.com -m dns,api
6.2 Custom Wordlist Integration
OneForAll allows you to use custom wordlists for brute-forcing subdomains. To specify a custom wordlist, use the -w flag:
python3 oneforall.py -d example.com -w /path/to/wordlist.txt
Make sure your wordlist contains common subdomain names or potential subdomains related to the target domain.
6.3 Multi-Threading Support
OneForAll supports multi-threading to speed up the enumeration process. You can adjust the number of threads using the -t option:
python3 oneforall.py -d example.com -t 50
This will use 50 threads to perform the scan. Be cautious when using a large number of threads, as it can lead to rate-limiting or blocking by the target domain.
7. Exporting Results
OneForAll allows you to export the results in various formats, including CSV, JSON, or plain text.
Example to export results to CSV:
python3 oneforall.py -d example.com -o csv
You can also specify a custom output file:
python3 oneforall.py -d example.com -o result.csv
8. Using OneForAll with Proxy
For anonymity or to bypass network restrictions, you can use a proxy with OneForAll. This can be done using the -p flag to specify the proxy settings:
Example:
python3 oneforall.py -d example.com -p http://127.0.0.1:8080
This will route all traffic through the specified proxy.
9. Troubleshooting
Common Issues and Solutions
API Key errors: If you see errors related to API keys (e.g., "Invalid API Key"), ensure that your API keys are correctly configured in the config.py file.
Rate-limiting or blocking: If the tool is blocked by the target server (especially when using search engines or APIs), consider using a proxy or adding delays between requests.
Dependencies not installed: Ensure that all dependencies are installed by running:
pip3 install -r requirements.txt
No subdomains found: If OneForAll finds no subdomains for the target, try using different methods or a more extensive wordlist.
10. Conclusion
OneForAll is a robust and flexible tool for subdomain enumeration that can help security professionals and penetration testers gather valuable information during the reconnaissance phase of security assessments. With multiple subdomain discovery techniques, customizable wordlists, and support for API integrations, OneForAll makes it