domain-scanner
v0.1.3
Published
A node utility to scan a domain with various techniques.
Downloads
73
Readme
Installation
$ npm install domain-scanner
Usage
The usage is simple, just pass to the scanner the domain you want to scan and some options, than wait for the response:
const domainScanner = require('domain-scanner');
const options = {
deep: false,
sections: [],
exclude: [],
keys: {
hunterio: '<api-key>',
google: '<api-key>',
virustotal: '<api-key>'
}
};
domainScanner('codekraft.it', options, (err, results) => {
console.log(results);
});
Options
sections
An array with the names of the sections you want to scan, leave empty to scan all sections. Available sections are:
- details: Will perform some system based evaluations against the domain.
- emails: Will scan the domain looking for known emails with node-emailhunter
- breaches: Will check the HaveIBeenPwned database against the domain
- certificate: SSL Certificate test and verification using node-ssllabs talking with SSL Labs API
- robots: Will scan the domain robots.txt file with robots-parse
- subdomains: Will enumerate all hostname subdomains using subquest
- threats: Will scan the domain using Google Safe Browsing API looking for known threats
- virustotal: Will scan the domain using Virus Total APIv2 on domain/report endpoint
- tld: Will scan all the other root TLDs possibilities for a given domain
- typosquotting: Perform various typosquotting techniques and collect results
- archived: Lookup the site using Wayback Machine API looking for archived pages
- ctl: Find subdomains by abusing Certificate Transparency logs
- tags: Will scan the domain's tracking code footprint with tag-recon to discover connections with other affiliated websites
const options = {
sections: [
'details',
'emails',
'breaches',
'certificate',
'robots',
'subdomains',
'threats',
'virustotal',
'tld',
'typosquotting',
'archived',
'ctl',
'tags'
]
};
exclude
An array of sections to exclude from the tasks of the scanner:
const options = {
exclude: ['emails']
};
keys
An object with the API keys for the services involved in the scan. For example to use Hunter.io API:
const options = {
keys: {
hunterio: '<api-key>',
google: '<api-key>',
virustotal: '<api-key>',
spyonweb: '<api-key>'
}
};
Possible keys for now: hunterio, google, virustotal, spyonweb
deep
Perform additional tasks for the gathered results. For example test resulting emails with node-pwned for breaches, or testing nested domain details informations.
const options = {
deep: true
};
Looking for the cli tool?
If you want to use it from the command line as a cli tool you have to download domain-scanner-cli module.
$ npm install -g domain-scanner-cli
Contributing
- Create an issue and describe your idea
- Fork the project (https://github.com/b4dnewz/domain-scanner/fork)
- Create your feature branch (
git checkout -b my-new-task
) - Commit your changes (
git commit -am 'Add some task'
) - Write some test (
npm run test
) - Publish the branch (
git push origin my-new-task
) - Create a new Pull Request
License
MIT © b4dnewz