From 3fb2a9006ff4ee3cb0f294f6bbe179819d5cc92f Mon Sep 17 00:00:00 2001 From: Mark <55981308+Luci-d@users.noreply.github.com> Date: Mon, 30 Sep 2019 15:26:26 +0400 Subject: [PATCH] Add Spyse to network discovery 1. spyse itself 2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon. --- .../Network Discovery.md | 30 ++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/Methodology and Resources/Network Discovery.md b/Methodology and Resources/Network Discovery.md index 10a6b63..bf050ed 100644 --- a/Methodology and Resources/Network Discovery.md +++ b/Methodology and Resources/Network Discovery.md @@ -3,6 +3,7 @@ ## Summary - [Nmap](#nmap) +- [Spyse](#spyse) - [Masscan](#masscan) - [Netdiscover](#netdiscover) - [Responder](#responder) @@ -97,6 +98,33 @@ Host script results: List Nmap scripts : ls /usr/share/nmap/scripts/ ``` +## Spyse +* Spyse API - for detailed info is better to check [Spyse](https://spyse.com/) + +* [Spyse Wrapper](https://github.com/zeropwn/spyse.py) + +#### Searching for subdomains +```bash +spyse -target xbox.com --subdomains +``` + +#### Reverse IP Lookup +```bash +spyse -target 52.14.144.171 --domains-on-ip +``` + +#### Searching for SSL certificates +```bash +spyse -target hotmail.com --ssl-certificates +``` +```bash +spyse -target "org: Microsoft" --ssl-certificates +``` +#### Getting all DNS records +```bash +spyse -target xbox.com --dns-all +``` + ## Masscan ```powershell @@ -170,4 +198,4 @@ bettercap -X --proxy --proxy-https -T ## References -* [TODO](TODO) \ No newline at end of file +* [TODO](TODO)