From 7cf105d2390ebf9b57139ae182cd7950e340dc87 Mon Sep 17 00:00:00 2001 From: thewhiteh4t Date: Sat, 29 Jun 2024 14:36:38 +0530 Subject: [PATCH] alienvault and urlscan added in subdomain enum --- modules/subdom.py | 6 +++- modules/subdomain_modules/alienvault_subs.py | 34 ++++++++++++++++++++ modules/subdomain_modules/urlscan_subs.py | 34 ++++++++++++++++++++ 3 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 modules/subdomain_modules/alienvault_subs.py create mode 100644 modules/subdomain_modules/urlscan_subs.py diff --git a/modules/subdom.py b/modules/subdom.py index 14ad799..7bdb1bf 100644 --- a/modules/subdom.py +++ b/modules/subdom.py @@ -19,6 +19,8 @@ from modules.subdomain_modules.zoomeye_subs import zoomeye from modules.subdomain_modules.netlas_subs import netlas from modules.subdomain_modules.hunter_subs import hunter +from modules.subdomain_modules.urlscan_subs import urlscan +from modules.subdomain_modules.alienvault_subs import alienvault R = '\033[31m' # red G = '\033[32m' # green @@ -46,7 +48,9 @@ async def query(hostname, tout, conf_path): binedge(hostname, conf_path, session), zoomeye(hostname, conf_path, session), netlas(hostname, conf_path, session), - hunter(hostname, conf_path, session) + hunter(hostname, conf_path, session), + urlscan(hostname, session), + alienvault(hostname, session) ) await session.close() diff --git a/modules/subdomain_modules/alienvault_subs.py b/modules/subdomain_modules/alienvault_subs.py new file mode 100644 index 0000000..135ee8a --- /dev/null +++ b/modules/subdomain_modules/alienvault_subs.py @@ -0,0 +1,34 @@ +#!/usr/bin/env python3 + +from json import loads +import modules.subdom as parent +from modules.write_log import log_writer + +R = '\033[31m' # red +G = '\033[32m' # green +C = '\033[36m' # cyan +W = '\033[0m' # white +Y = '\033[33m' # yellow + + +async def alienvault(hostname, session): + print(f'{Y}[!] {C}Requesting {G}AlienVault{W}') + url = f'https://otx.alienvault.com/api/v1/indicators/domain/{hostname}/passive_dns' + try: + async with session.get(url) as resp: + status = resp.status + if status == 200: + output = await resp.text() + json_data = loads(output)['passive_dns'] + subdomains = [] + for entry in json_data: + subdomains.append(entry['hostname']) + parent.found.extend(subdomains) + print(f'{G}[+] {Y}AlienVault {W}found {C}{len(subdomains)} {W}subdomains!') + else: + print(await resp.text()) + print(f'{R}[-] {C}AlienVault Status : {W}{status}') + log_writer(f'[alienvault_subs] Status = {status}, expected 200') + except Exception as exc: + print(f'{R}[-] {C}AlienVault Exception : {W}{exc}') + log_writer('[alienvault_subs] Completed') diff --git a/modules/subdomain_modules/urlscan_subs.py b/modules/subdomain_modules/urlscan_subs.py new file mode 100644 index 0000000..2413568 --- /dev/null +++ b/modules/subdomain_modules/urlscan_subs.py @@ -0,0 +1,34 @@ +#!/usr/bin/env python3 + +from json import loads +import modules.subdom as parent +from modules.write_log import log_writer + +R = '\033[31m' # red +G = '\033[32m' # green +C = '\033[36m' # cyan +W = '\033[0m' # white +Y = '\033[33m' # yellow + + +async def urlscan(hostname, session): + print(f'{Y}[!] {C}Requesting {G}UrlScan{W}') + url = f'https://urlscan.io/api/v1/search/?q=domain:{hostname}' + try: + async with session.get(url) as resp: + status = resp.status + if status == 200: + output = await resp.text() + json_data = loads(output)['results'] + subdomains = [] + for entry in json_data: + subdomains.append(entry['task']['domain']) + parent.found.extend(subdomains) + print(f'{G}[+] {Y}UrlScan {W}found {C}{len(subdomains)} {W}subdomains!') + else: + print(await resp.text()) + print(f'{R}[-] {C}UrlScan Status : {W}{status}') + log_writer(f'[urlscan_subs] Status = {status}, expected 200') + except Exception as exc: + print(f'{R}[-] {C}UrlScan Exception : {W}{exc}') + log_writer('[urlscan_subs] Completed')