RevoltSecurities/Subdominator — reverse-engineered prompt

Build me a Python command line tool called Subdominator for bug bounty recon. I want to give it one domain or a file of domains and have it passively find as many related subdomains as possible from public OSINT sources like certificate logs, search engines, threat intel feeds, DNS archives, and similar providers, without touching the target too aggressively.

It should support API keys in a simple YAML config, tell me where that config lives, and have a health check so I can see which sources are working. Let me include or skip sources, run recursive discovery, control timeout, retries, proxy, and concurrency.

Save findings automatically in a local SQLite database, and also let me export plain text, JSONL, JSON reports, and an HTML report. Add a simple interactive shell where I can search, filter, export, and review old findings. Include clear install instructions, tests, and Docker support. Look up current provider docs online if you need to.