A new tool called subwiz has been released, offering an innovative approach to subdomain discovery by incorporating Artificial Intelligence. This recon tool uses AI to predict subdomains and returns those that resolve, potentially enhancing the effectiveness of reconnaissance operations.
Developed by Hadrian Security, subwiz integrates seamlessly with existing subdomain enumeration workflows while adding the power of AI-driven prediction. The tool can be used in conjunction with other subdomain discovery tools like subfinder, using their output as seed data for its AI predictions.
Key features of subwiz include:
- AI-powered prediction of potential subdomains
- Automatic resolution checking of predicted subdomains
- Customizable number of predictions
- Adjustable randomness in predictions via temperature setting
- Python library for easy integration into existing tools
To use subwiz, users need to have Python installed on their computer. The tool can be easily installed via pip: “pip install subwiz”
Users can specify the input file containing known subdomains, the number of predictions to generate, and other parameters. The tool also introduces a few additional options, such as the ability to disable subdomain resolution or force download of the AI model.
subwiz works by taking a list of known subdomains as input and using its AI model to predict additional, potentially undiscovered subdomains. The AI model behind subwiz is an ultra-lightweight transformer based on Andrej Karpathy’s nanoGPT, with 17.3M parameters trained on 26M tokens of subdomain data.
By combining established subdomain discovery methods with AI-driven predictions, subwiz has the potential to enhance reconnaissance processes, allowing for more comprehensive subdomain enumeration.
The Trend of AI in Security Tools
The release of subwiz follows a growing trend of incorporating AI into cybersecurity tools, similar to ffufai.
Implications for the Future of Recon Tools
The emergence of tools like subwiz and ffufai signals a continuous trend in cybersecurity tooling. By integrating AI capabilities, these tools are pushing the boundaries of what’s possible in reconnaissance and security testing.
For security professionals and ethical hackers, this means more efficient workflows and potentially more comprehensive coverage in their testing and enumeration processes. It also shows the importance of staying updated with the latest tools and techniques, as the landscape continues to evolve very fast.