Skip to content

0.2.2

Latest
Latest
Compare
Choose a tag to compare
@cyclone-github cyclone-github released this 04 Jan 18:43
· 7 commits to main since this release
0.2.2
2333c70
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Readme Card

IPScope

A CLI tool written in pure Go for IP lookup and subdomain discovery. Designed for security researchers and network administrators to resolve IP addresses for TLDs and subdomains. Includes support for some reverse proxy and WAF detection.

IPScope was written as a capable, no-fuss alternative to more complex CLI tools commonly used for subdomain discovery and active DNS resolution. IPScope features a simple CLI that only requires one command-line argument, the target URL, while maintaining a powerful backend and optional command-line arguments for further customization. Since it's written in Go, there's no need to hunt down outdated or obscure Python / Ruby dependencies, and since it's written with ease of use in mind, there's no need to figure out complex command-line arguments -- IPScope just works.

Usage Instructions:

Of course, don't run IPScope on domains you don't have permission to probe.

  • Example Usage:
    • ./ipscope.bin -url example.org
                   _                   
  ____ _   _  ____| | ___  ____  _____ 
 / ___) | | |/ ___) |/ _ \|  _ \| ___ |
( (___| |_| ( (___| | |_| | | | | ____|
 \____)\__  |\____)\_)___/|_| |_|_____)
      (____/                           

Processing URL: example.org using DNS: 1.1.1.1

  TLD  example.org                93.184.215.14     AS15133 Edgecast Inc.            Dźwirzyno, West Pomerania, PL (Reverse Proxy or WAF Detected)
  TLD  www.example.org            93.184.215.14     AS15133 Edgecast Inc.            Dźwirzyno, West Pomerania, PL (Reverse Proxy or WAF Detected)
  • ./ipscope.bin -url example.org -sub subdomains.txt -dns 8.8.8.8

The -dns flag is useful for testing how a domain resolves with specific DNS servers, such as 1.1.1.1, 8.8.8.8, or DNS based filtering such as Cloudflare 1.1.1.3 or OpenDNS 208.67.222.222. It’s also great for testing locally hosted DNS servers like Pi-hole or pfSense.

The tool can also be used with a custom subdomain list via the -sub flag to verify if known subdomains are resolving correctly through services like Cloudflare, or to check if they are leaking their host IP.

If neither the -dns nor -sub flags are given, the tool defaults to 1.1.1.1 and a built-in list of the top 10k common subdomains.

  • Supported flags:
    • -url example.org (required)
    • -sub subdomain.txt (optional, defaults to built-in list)
    • -dns 8.8.8.8 (optional, defaults to 1.1.1.1)
    • -help (usage instructions)
    • -version (version info)

Change Log:

Antivirus False Positives:

  • Several antivirus programs on VirusTotal incorrectly detect compiled Go binaries as a false positive. This issue primarily affects the Windows executable binary, but is not limited to it. If this concerns you, I recommend carefully reviewing the source code, then proceed to compile the binary yourself.
  • Uploading your compiled binaries to https://virustotal.com and leaving an up-vote or a comment would be helpful as well.
7c533deea0bedb36df64982fb27a452dab8997d3  ipscope_amd64.bin
770bd692e097342caaae558b81785a01ec87104e  ipscope_amd64.exe
e4287b2558ed34d766c0b2f65f59331bfb25fb88  ipscope_arm64.bin
323a19f91019eaf5f696a63ba62ee134b18e2aca  ipscope_arm.bin

Jotti Antivirus Scan Results:
https://virusscan.jotti.org/en-US/filescanjob/qiqdcc27to,jni2q7n2fx,xflexg9igm,wbjtzmze3g

Assets 6
Loading