SpiderLabs / Hosthunter
Licence: mit
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: β 427
Programming Languages
Labels
Projects that are alternatives of or similar to Hosthunter
Awesome Bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: β 190 (-55.5%)
Mutual labels: hacking, security-tools, penetration-testing, hacking-tool, reconnaissance, recon, bugbounty
Scilla
π΄ββ οΈ Information Gathering tool π΄ββ οΈ DNS / Subdomains / Ports / Directories enumeration
Stars: β 116 (-72.83%)
Mutual labels: hacking, security-tools, pentesting, penetration-testing, hacking-tool, reconnaissance, recon
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance withβ¦
Stars: β 3,439 (+705.39%)
Mutual labels: osint, security-tools, reconnaissance, recon, penetration-testing, pentesting, bugbounty
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: β 3,391 (+694.15%)
Mutual labels: osint, hacking, security-tools, penetration-testing, hacking-tool, reconnaissance, bugbounty
Whatweb
Next generation web scanner
Stars: β 3,503 (+720.37%)
Mutual labels: hacking, security-tools, pentesting, penetration-testing, recon, network-security
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: β 182 (-57.38%)
Mutual labels: hacking, security-tools, pentesting, penetration-testing, hacking-tool, bugbounty
aquatone
A Tool for Domain Flyovers
Stars: β 43 (-89.93%)
Mutual labels: osint, penetration-testing, bugbounty, hacking-tool, reconnaissance
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: β 541 (+26.7%)
Mutual labels: osint, pentesting, reconnaissance, recon, bugbounty
AttackSurfaceManagement
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: β 45 (-89.46%)
Mutual labels: osint, penetration-testing, bugbounty, hacking-tool, reconnaissance
Oscp Prep
my oscp prep collection
Stars: β 105 (-75.41%)
Mutual labels: osint, hacking, pentesting, penetration-testing, recon
Getjs
A tool to fastly get all javascript sources/files
Stars: β 190 (-55.5%)
Mutual labels: hacking, pentesting, reconnaissance, recon, bugbounty
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: β 8,981 (+2003.28%)
Mutual labels: osint, hacking, pentesting, hacking-tool, bugbounty
Asnip
ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: β 126 (-70.49%)
Mutual labels: osint, ip, pentesting, reconnaissance, bugbounty
Reconky-Automated Bash Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: β 167 (-60.89%)
Mutual labels: osint, penetration-testing, recon, bugbounty, reconnaissance
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: β 2,775 (+549.88%)
Mutual labels: hacking, security-tools, pentesting, penetration-testing, hacking-tool
Favfreak
Making Favicon.ico based Recon Great again !
Stars: β 564 (+32.08%)
Mutual labels: osint, hacking, reconnaissance, recon, bugbounty
Intrec Pack
Intelligence and Reconnaissance Package/Bundle installer.
Stars: β 177 (-58.55%)
Mutual labels: osint, security-tools, pentesting, reconnaissance, recon
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: β 3,521 (+724.59%)
Mutual labels: hacking, security-tools, pentesting, penetration-testing, hacking-tool
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: β 162 (-62.06%)
Mutual labels: hacking, security-tools, penetration-testing, hacking-tool, bugbounty
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: β 2,312 (+441.45%)
Mutual labels: osint, hacking, pentesting, hacking-tool, reconnaissance
HostHunter v1.5
A tool to efficiently discover and extract hostnames providing a large set of target IP addresses. HostHunter utilises simple OSINT techniques to map IP addresses with virtual hostnames. It generates a CSV or TXT file containing the results of the reconnaissance.
Latest version of HostHunter also takes screenshots of the targets, it is currently a beta functionality.
Demo
Click on the thumbnail above to view the demo.
Installation
- Tested with Python 3.7.2.
Linux / Mac OS
- Install python dependencies.
$ pip3 install -r requirements.txt
The next few steps are only required if you would like to use the Screen Capture feature.
- Download and install the latest version of Google Chrome.
Mac OS:
$ brew cask install google-chrome
Linux:
$ wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
$ dpkg -i ./google-chrome-stable_current_amd64.deb
$ sudo apt-get install -f
- Download and install the latest ChromeDriver.
Mac OS:
wget -O /tmp/chromedriver.zip https://chromedriver.storage.googleapis.com/74.0.3729.6/chromedriver_mac64.zip && sudo unzip /tmp/chromedriver.zip chromedriver -d /usr/local/bin/;
Linux:
wget -O /tmp/chromedriver.zip https://chromedriver.storage.googleapis.com/74.0.3729.6/chromedriver_linux64.zip && sudo unzip /tmp/chromedriver.zip chromedriver -d /usr/local/bin/;
Simple Usage Example
$ python3 hosthunter.py <targets.txt>
$ cat vhosts.csv
More Examples
HostHunter Help Page
$ python3 hosthunter.py -h
usage: hosthunter.py [-h] [-b] [-f FORMAT] [-o OUTPUT] [-sc] [-t TARGET] [-V]
[targets]
|<--- HostHunter v1.5 - Help Page --->|
positional arguments:
targets Sets the path of the target IPs file.
optional arguments:
-h, --help show this help message and exit
-b, --bing Use Bing.com search engine to discover more hostnames
associated with the target IP addresses.
-f FORMAT, --format FORMAT
Choose between CSV and TXT output file formats.
-o OUTPUT, --output OUTPUT
Sets the path of the output file.
-sc, --screen-capture
Capture a screen shot of any associated Web
Applications.
-t TARGET, --target TARGET
Scan a Single IP.
-V, --version Displays the current version.
Run HostHunter with Bing and Screen Capture modules enabled
$ python3 hosthunter.py <targets.txt> --bing -sc -f csv -o hosts.csv
Display Results
$ cat hosts.csv
View Screenshots
$ open ./screen_captures/
Features
[X] Works with Python3
[X] Extracts information from SSL/TLS certificates.
[X] Supports Free HackerTarget API requests.
[X] Scraps Bing.com results.
[X] Takes Screenshots of the target applications.
[X] Validates the targets IPv4 address.
[X] Supports .txt and .csv output file formats
[X] Gathers information from HTTP headers.
[X] Verifies Internet access.
[X] Finds hostnames in 80/TCP, 443/TCP and 21/TCP ports.
Coming Next
[_] Support for Nessus target format.
[_] Improve output (IPs, HostNames, FQDNs)
[_] Pause and Resume Execution
[_] Support for a Premium HackerTarget API key
[_] Support for IPv6
[_] Gather information from additional APIs
[_] Actively pull SSL certificates from other TCP ports
Notes
- Free APIs throttle the amount of requests per day per source IP address.
License
This project is licensed under the MIT License.
Authors
- Andreas Georgiou - follow me on twitter - @superhedgy
StarGazers
Thank you for all the support & feedback!
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].