st_subdomains
Enumerate subdomains for a domain using SecurityTrails data to identify attack surfaces and perform reconnaissance in OSINT investigations.
Instructions
Enumerate subdomains for a domain via SecurityTrails. Returns FQDNs. Requires ST_API_KEY.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| domain | Yes | Domain to enumerate subdomains for |
Implementation Reference
- src/securitytrails/index.ts:53-57 (handler)The implementation of the st_subdomains tool handler which fetches subdomains from SecurityTrails API.
export async function stSubdomains(domain: string, apiKey: string): Promise<StSubdomainsResult> { const data = await stFetch(`/domain/${encodeURIComponent(domain)}/subdomains`, apiKey); const subs: string[] = (data.subdomains ?? []).map((s: string) => `${s}.${domain}`); return { domain, subdomains: subs, total: subs.length }; } - src/protocol/tools.ts:235-245 (registration)Registration of the st_subdomains tool in the MCP protocol tools definition.
const stSubdomainsTool: ToolDef = { name: "st_subdomains", description: "Enumerate subdomains for a domain via SecurityTrails. Returns FQDNs. Requires ST_API_KEY.", schema: { domain: z.string().describe("Domain to enumerate subdomains for"), }, execute: async (args, ctx) => { const key = requireApiKey(ctx.config.stApiKey, "SecurityTrails", "ST_API_KEY"); return json(await stSubdomains(args.domain as string, key)); }, }; - src/securitytrails/index.ts:9-13 (schema)Interface for the st_subdomains result type.
interface StSubdomainsResult { domain: string; subdomains: string[]; // FQDNs total: number; }