Aquatone is a tool for performing reconnaissance on web applications and websites. It can be used for subdomain enumeration, screenshotting, and HTML content analysis.

Here are the steps to install Aquatone on a Linux or macOS system:

  1. Install Ruby, if you don't have it already installed:

sudo apt-get install ruby
  1. Install Aquatone:

gem install aquatone
  1. Once the installation is complete, you can run Aquatone from the terminal by typing:


To install Aquatone on a Windows system, you will need to follow a similar process, but some of the commands and steps may be different.

Once Aquatone is installed, you can use it to perform subdomain enumeration and reconnaissance on a target domain. For example, to enumerate subdomains and perform screenshotting and HTML content analysis for the domain "", you can run the following command:

aquatone-scan -d

This will enumerate subdomains for the domain "" using the sources specified in the tool's configuration file, and then perform screenshotting and HTML content analysis on each subdomain.

You can also combine the results of Aquatone with other subdomain enumeration tools to get a more comprehensive list of subdomains. For example, you can pipe the output of a subdomain enumeration tool, such as Assetfinder, into Aquatone to perform screenshotting and HTML content analysis:

assetfinder | aquatone

These are the basic steps for installing and using Aquatone for subdomain enumeration and reconnaissance. You can find more information on the options available with Aquatone by running the following command:

aquatone -h

This will display the help information for the tool, which includes a description of each option and how to use it.

Last updated