WebOSINT is a Python script to gather (passive) domain intelligence.
- Python 3
- Don't forget to install the requirements.txt
- You will be limited in your search requests with the Hacker Target free API, you can purchase a Hacker Target membership and your API here: (https://hackertarget.com/scan-membership/)
- For the WhoisXML API; this is an easy process and free, simply create an account and use the
trial 500 free API requests
(Once you have used the 500 requests you will need to make a purchase, and if you don't want a yearly or monthly membership you can make one-time payments,5000 queries for 100,00$ USD
or1000 queries for 30,00$ USD
:(https://whois.whoisxmlapi.com)
git clone https://github.com/C3n7ral051nt4g3ncy/webosint
cd webosint
pip3 install -r requirements.txt
python3 webosint.py
Once the script starts, you have hardly any typing to do:
- Domain format example: google.com
- To choose between yes and no: Type Y or y for Yes | N or n for No
- Choose between a free search and search with your API Key: Type -F or f for the free search | Type -API or api for the search with your API keys
In the Config.json
file, just paste your API Keys inside the quotation marks "API Key"
(see photo below)
- It's not an obligation to pay for a Hacker Target API key, you can leave it how it is, just choose the free search by typing
-F
each time the tool asks you to choose between the Free search and the search using your API key. - It's an obligation ✅ to get yourself a WhoisXML Api key, this is free (
500 searches free
), just go to the WhoisXML website and get an account to get your API key: (https://whois.whoisxmlapi.com) - It's also an obligation ✅ to get yourself a WhoisFreaks Api key, this is free (
100 searches free
), just go to the WhoisFreaks website and sign up to get your API key: (https://whoisfreaks.com), and by the way, once your 100 free searches are used, you can purchase 5000 API Calls for only 19,00$ USD
Checking if the domain is registered
Get the domain ip address and location data, Version, ASN (Tool updated 16 July 2022, now with double IP verification)
Reverse ip search to extract all domains with the same ip (HackerTarget free and paid API)
DNS records with HackerTarget free and Paid API
Whois domain information
Domain CERT (Certificate) search using CRT.SH
Domain reputation scan with WhoisXML free API
Subdomain Scanner
Historical Whois Search with WhoisFreaks free API (100 Free API Calls)
Be aware that for the reverse IP search using the Hacker Target API, you are going to get a few hundred results for some websites, make sure that your Terminal Scrollback preferences are set to unlimited scrollback
so that you can scroll back up to see all results!
Before making this repository public, I gave private access to a few people, some were getting an error right at the beginning of the script and websites that were Registered
were being shown as Not Registered
. Found the problem/issue, some people have both whois
and python-whois
modules, and they were conflicting with each other. Fixing the issue will be:
pip3 uninstall whois
pip3 uninstall python-whois
Make a clean install:
pip 3 install python-whois
Or simply use virtualenv
🧠
This tool is for the OSINT and Cyber community, don't use it for wrong, immoral, or illegal reasons.
Feel free to contribute and to change some code within the tool, submit a PR (Pull Request), or submit your thoughts here on github in the Webosint discussions
If you like this simple Python tool, feel free to donate to my work by clicking on the KO-FI Badge or the BITCOIN Badge at the top of this README.md
file, you can also scan my BTC QR Code directly to get my BTC Address.
Thank you to Hacker Target for their API and great work which makes this tool possible, thank you also to WHOisXML for their API as they make a free API (500 searches) which provides a great opportunity for the people in the Cyber community, and thanks to Whois Freaksfor their free 100 search API Trial. Thanks to @cipher387/@cyb_detective and to Euler Neto for testing the script before release and finding 2 minor corrections.