All Projects → yassineaboukir → Asnlookup

yassineaboukir / Asnlookup

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Programming Languages

python
139335 projects - #7 most used programming language

Projects that are alternatives of or similar to Asnlookup

flydns
Related subdomains finder
Stars: ✭ 29 (-82.21%)
Mutual labels:  infosec, bugbounty, pentest, reconnaissance
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+11.66%)
Mutual labels:  hacking, infosec, enumeration, bugbounty
tugarecon
Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-12.88%)
Mutual labels:  infosec, bugbounty, pentest, reconnaissance
Reconky-Automated Bash Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+2.45%)
Mutual labels:  enumeration, nmap, bugbounty, reconnaissance
aquatone
A Tool for Domain Flyovers
Stars: ✭ 43 (-73.62%)
Mutual labels:  infosec, bugbounty, pentest, reconnaissance
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+20089.57%)
Mutual labels:  hacking, pentest, enumeration, bugbounty
Osint tips
OSINT
Stars: ✭ 322 (+97.55%)
Mutual labels:  hacking, reconnaissance, nmap, bugbounty
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+4345.4%)
Mutual labels:  hacking, infosec, enumeration, bugbounty
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1019.02%)
Mutual labels:  hacking, enumeration, nmap
31 Days Of Api Security Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
Stars: ✭ 1,038 (+536.81%)
Mutual labels:  pentest, infosec, bugbounty
Autosetup
Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-14.11%)
Mutual labels:  infosec, reconnaissance, bugbounty
Pcwt
Stars: ✭ 46 (-71.78%)
Mutual labels:  pentest, nmap, bugbounty
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+497.55%)
Mutual labels:  hacking, pentest, bugbounty
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1082.82%)
Mutual labels:  hacking, enumeration, bugbounty
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+433.74%)
Mutual labels:  hacking, infosec, enumeration
Rfd Checker
RFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-65.64%)
Mutual labels:  pentest, infosec, bugbounty
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-61.96%)
Mutual labels:  hacking, infosec, bugbounty
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+426.99%)
Mutual labels:  reconnaissance, enumeration, bugbounty
Jaeles
The Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+558.28%)
Mutual labels:  hacking, infosec, bugbounty
Offensive Dockerfiles
Offensive tools as Dockerfiles. Lightweight & Ready to go
Stars: ✭ 150 (-7.98%)
Mutual labels:  hacking, pentest, infosec
                            ____ ____ _  _ _    ____ ____ _  _ _  _ ___
                            |__| [__  |\ | |    |  | |  | |_/  |  | |__]
                            |  | ___] | \| |___ |__| |__| | \_ |__| |
                                          asnlookup.com
                                     Author: Yassine Aboukir

Description

An autonomous system number (ASN) is a unique number assigned to an autonomous system (AS) by the Internet Assigned Numbers Authority (IANA). An AS consists of blocks of IP addresses which have a distinctly defined policy for accessing external networks and are administered by a single organization

This is a python client which leverages our asnlookup.com free API to find the IP space (IPv4 and IPv6) registered and owned by a specific organization.

ASNLookup searches for the organization ASNs and use the latter to find the IP space. You can also use asnlookup client to run port scanning on the IP space using Nmap or Masscan.

Check out http://asnlookup.com/ for easy use and for the API.

Usage

$ git clone https://github.com/yassineaboukir/Asnlookup && cd Asnlookup
$ pip install -r requirements.txt (or pip3 install -r requirements.txt if you're using Python3)
$ python asnlookup.py -o <Organization>

E.g: python asnlookup.py -o "Capital One"

Port Scanning

The tool supports port scanning using Nmap or Masscan but requires prior installation on your machine. How to?

  • For Nmap:
On CentOS
$ yum install nmap

- On Debian
$ apt-get install nmap

- On Ubuntu
$ sudo apt-get install nmap

- Mac OS
$ brew install nmap

To scan the IP addresses, append to the command -m arugment for Masscan or -n for Nmap:

$ python asnlookup.py -m -o <Organization>

You can also pass your own Nmap/Masscan arguments (Default for nmap: -p 1-65535 -T4 -A -v; default for Masscan: -p0-65535 --rate 200).

$ python asnlookup.py -m="<Masscan arguments>" -o <Organization>

Example using Nmap with custom arguments:

$ python asnlookup.py -n="--top-ports 65535" -o twitter

It will export the results to a text file in the output directory (E.g: ./output/salesforce.txt) then run Nmap.

Limitation

For smaller organizations the ASN will usually be that of their ISP whereas the hostname might not. One example of this is 207.97.227.245, a GitHub IP address. The ASN is AS27357 (Rackspace Hosting), but the hostname is pages.github.com.

Support

If you appreciate my work and wish to support it, feel free to:

Disclaimer

This project is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by this tool.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].