🔗 SubChain - Advanced Web Reconnaissance Platform

🚀 Professional-grade domain reconnaissance and analysis tool built with Electron & Next.js

🚀 Overview

SubChain is a powerful, modern web reconnaissance platform built for security researchers, penetration testers, and bug bounty hunters. It combines subdomain enumeration, technology detection, port scanning, and AI-powered security analysis in a beautiful, ultra-modern interface.

✨ Key Features

🔍 Advanced Technology Detection

• Real-time Analysis: Unbuilt.app-inspired tech detection with 75+ technology patterns
• Evidence-based Results: Shows actual proof and confidence scores
• Comprehensive Coverage: Frameworks, CDNs, analytics, hosting platforms, and more
• Pattern Matching: JavaScript, HTML, CSS, and HTTP header analysis

🌐 Subdomain Enumeration

• Multiple Sources: Integrated with Subfinder for comprehensive discovery
• Lightning Fast: Optimized batch processing and caching
• Real-time Progress: Live updates and performance metrics
• Validation: Automatic DNS resolution and filtering

🛡️ Port Scanner

• Ultra-precise Scanning: Multi-method detection with TCP, SYN, and UDP support
• Service Fingerprinting: Automatic service identification and version detection
• Security Assessment: Risk analysis and vulnerability indicators
• Beautiful Animations: Real-time progress with smooth transitions

🤖 AI Security Analysis

• Advanced Pattern Recognition: Identifies security patterns and vulnerabilities
• Risk Assessment: OWASP Top 10 mapping and compliance scoring
• Threat Modeling: Attack surface analysis and exploit chain detection
• Executive Reports: Business impact assessment and mitigation strategies

📚 Enhanced Bookmarklet System

• Deep Web Extraction: URLs, APIs, forms, storage, and dynamic routes
• CSP Bypass: Advanced content security policy circumvention
• Real-time Analysis: Instant pattern recognition and data extraction
• Export Capabilities: Multiple format support for further analysis

🎨 Modern UI/UX Features

• Glass Morphism Design: Ultra-modern aesthetic with smooth animations
• Responsive Layout: Perfect on all screen sizes and devices
• Dark Theme: Eye-friendly design optimized for long sessions
• Performance Optimized: React.memo, virtualization, and GPU acceleration
• Accessibility: Full keyboard navigation and screen reader support

📦 Installation

Prerequisites

• Node.js 18+ (Download)
• npm or yarn
• Git (Download)

Quick Start

# Clone the repository
git clone https://github.com/yourusername/subchain.git
cd subchain

# Install dependencies
npm install

# Build the application
npm run build:next

# Start SubChain
npm start

Development Setup

# Install dependencies
npm install

# Start development server
npm run dev

# In another terminal, start Electron
npm run electron:dev

🖥️ Platform Support

Platform	Status	Download
Windows	✅ Fully Supported	Windows Installer
macOS	✅ Fully Supported	macOS DMG
Linux	✅ Fully Supported	AppImage

System Requirements

• RAM: 4GB minimum, 8GB recommended
• Storage: 500MB available space
• Network: Internet connection for external tools

🛠️ Build Instructions

Building for All Platforms

# Install build dependencies
npm install

# Build for current platform
npm run build

# Build for all platforms
npm run build:all

# Build for specific platform
npm run build:win    # Windows
npm run build:mac    # macOS
npm run build:linux  # Linux

Build Outputs

• Windows: dist/SubChain Setup.exe
• macOS: dist/SubChain.dmg
• Linux: dist/SubChain.AppImage

🚀 Usage Guide

1. Subdomain Enumeration

1. Enter target domain in the main input
2. Click "Lightning Scan" for fast enumeration
3. View results in the interactive ribbon interface
4. Click on subdomains for detailed analysis

2. Technology Detection

1. Select a target from your subdomain list
2. Click the "Tech Detection" button
3. View comprehensive technology stack analysis
4. Explore evidence and confidence scores

3. Port Scanning

1. Choose target domains or IPs
2. Configure scan parameters (ports, methods)
3. Start ultra-precise scanning
4. Analyze service fingerprints and vulnerabilities

4. AI Security Analysis

1. Run reconnaissance on your target
2. Click "AI Analysis" for advanced insights
3. Review threat assessment and risk scoring
4. Export findings for further analysis

5. Bookmarklet Usage

1. Navigate to "Tools" → "Bookmarklet"
2. Drag the bookmarklet to your browser bookmarks
3. Visit any website and click the bookmarklet
4. View extracted data and security insights

🔧 Configuration

Environment Variables

# API Configuration
SUBCHAIN_API_KEY=your_api_key_here
SUBFINDER_PATH=/path/to/subfinder

# Performance Settings
MAX_CONCURRENT_SCANS=3
CACHE_TTL=3600
REQUEST_TIMEOUT=30000

# Security Settings
ENABLE_CSP_BYPASS=true
ALLOW_EXTERNAL_TOOLS=true

Advanced Configuration

Edit src/utils/configManager.js for advanced settings:

const config = {
  scanner: {
    maxConcurrentScans: 3,
    timeout: 30000,
    retries: 3
  },
  ai: {
    enableAnalysis: true,
    confidenceThreshold: 0.7
  },
  ui: {
    theme: 'dark',
    animations: true,
    performance: 'high'
  }
};

🚨 Troubleshooting

Common Issues

GPU Crashes on Windows

GPU process crashed / Display compositor error

Solutions:

• Option 1: Use the safe mode batch file:

  run-safe-windows.bat

• Option 2: Set environment variable manually:

  set SUBCHAIN_DISABLE_GPU=true
  npx electron .

• Option 3: Update your graphics drivers
• Note: SubChain automatically detects GPU crashes and disables hardware acceleration on restart

Port Already in Use

Error: listen EADDRINUSE :::3000

Solution: Kill the process using port 3000:

# Kill process on port 3000
npx kill-port 3000

# Or run on different port
PORT=3001 npm run dev

Permission Denied Errors

EACCES: permission denied

Solution: Run with appropriate permissions:

# macOS/Linux
sudo npm install

# Windows (Run as Administrator)
npm install

Missing Dependencies

Module not found

Solution: Clean install:

rm -rf node_modules package-lock.json
npm install

AI Analysis Showing "Unknown"

• Ensure you have a stable internet connection
• Check that the target website is accessible
• Try running the analysis again after a few moments
• Verify the domain format is correct (e.g., example.com not https://example.com)

🤝 Contributing

We welcome contributions! Please see our Contributing Guide for details.

Development Workflow

1. Fork the repository
2. Create a feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

Code Style

• Use ESLint and Prettier for formatting
• Follow React best practices
• Write meaningful commit messages
• Add tests for new features

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• Subfinder - Subdomain discovery toolkit
• Unbuilt.app - Inspiration for technology detection patterns
• ProjectDiscovery - Security tools and methodologies
• OWASP - Security standards and guidelines

�� Security

SubChain is designed with security in mind:

• No Data Collection: All analysis happens locally
• Secure Communications: HTTPS-only external requests
• Sandboxed Execution: Isolated bookmarklet execution
• Regular Updates: Continuous security improvements

📞 Support

• Issues: GitHub Issues
• Discussions: GitHub Discussions
• Email: support@subchain.dev
• Discord: SubChain Community

🗺️ Roadmap

• Cloud Integration: AWS, GCP, Azure support
• API Development: RESTful API for automation
• Plugin System: Extensible architecture
• Team Collaboration: Multi-user workspaces
• Mobile Apps: iOS and Android companions
• Enterprise Features: SSO, audit logs, compliance

---

Built with ❤️ for the security community

⭐ Star us on GitHub if SubChain helps you!