Add new fullhunt module (laramies#894)

fixgroup21 · Oct 17, 2021 · 929a642 · 929a642
1 parent b763a44
commit 929a642
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -34,6 +34,8 @@ Passive:
 
 * duckduckgo: DuckDuckGo search engine - www.duckduckgo.com
 
+* fullhunt: The Next-Generation Attack Surface Security Platform - https://fullhunt.io
+
 * github-code: GitHub code search engine (Requires a GitHub Personal Access Token, see below.) - www.github.com
 
 * google: Google search engine (Optional Google dorking.) - www.google.com
@@ -103,6 +105,7 @@ Documentation to setup API keys can be found at - https://github.com/laramies/th
 * binaryedge - not free
 * bing
 * censys - API keys are required and can be retrieved from your [Censys account](https://search.censys.io/account/api).
+* fullhunt
 * github
 * hunter - limited to 10 on the free plan so you will need to do -l 10 switch
 * intelx

diff --git a/api-keys.yaml b/api-keys.yaml
@@ -9,6 +9,9 @@ apikeys:
     id:
     secret:
 
+  fullhunt:
+    key:
+
   github:
     key:
 

diff --git a/theHarvester/__main__.py b/theHarvester/__main__.py
@@ -34,7 +34,7 @@ async def start(rest_args=None):
     parser.add_argument('-c', '--dns-brute', help='Perform a DNS brute force on the domain.', default=False, action='store_true')
     parser.add_argument('-f', '--filename', help='Save the results to an XML and JSON file.', default='', type=str)
     parser.add_argument('-b', '--source', help='''anubis, baidu, bing, binaryedge, bingapi, bufferoverun, censys, certspotter, crtsh,
-                            dnsdumpster, duckduckgo, github-code, google,
+                            dnsdumpster, duckduckgo, fullhunt, github-code, google,
                             hackertarget, hunter, intelx, linkedin, linkedin_links,
                             omnisint, otx, pentesttools, projectdiscovery,
                             qwant, rapiddns, rocketreach, securityTrails, spyse, sublist3r, threatcrowd, threatminer,
@@ -277,6 +277,15 @@ async def store(search_engine: Any, source: str, process_param: Any = None, stor
                     duckduckgo_search = duckduckgosearch.SearchDuckDuckGo(word, limit)
                     stor_lst.append(store(duckduckgo_search, engineitem, store_host=True, store_emails=True))
 
+                elif engineitem == 'fullhunt':
+                    from theHarvester.discovery import fullhuntsearch
+                    try:
+                        fullhunt_search = fullhuntsearch.SearchFullHunt(word)
+                        stor_lst.append(store(fullhunt_search, engineitem, store_host=True))
+                    except Exception as e:
+                        if isinstance(e, MissingKey):
+                            print(e)
+
                 elif engineitem == 'github-code':
                     try:
                         from theHarvester.discovery import githubcode

diff --git a/theHarvester/discovery/fullhuntsearch.py b/theHarvester/discovery/fullhuntsearch.py
@@ -0,0 +1,27 @@
+from theHarvester.discovery.constants import *
+from theHarvester.lib.core import *
+
+
+class SearchFullHunt:
+
+    def __init__(self, word):
+        self.word = word
+        self.key = Core.fullhunt_key()
+        if self.key is None:
+            raise MissingKey('fullhunt')
+        self.total_results = None
+        self.proxy = False
+
+    async def do_search(self):
+        url = f'https://fullhunt.io/api/v1/domain/{self.word}/subdomains'
+        response = await AsyncFetcher.fetch_all([url], json=True, headers={'User-Agent': Core.get_user_agent(),
+                                                                           'X-API-KEY': self.key},
+                                                proxy=self.proxy)
+        self.total_results = response[0]['hosts']
+
+    async def get_hostnames(self) -> set:
+        return self.total_results
+
+    async def process(self, proxy=False):
+        self.proxy = proxy
+        await self.do_search()
diff --git a/theHarvester/lib/core.py b/theHarvester/lib/core.py
@@ -12,7 +12,7 @@
 class Core:
     @staticmethod
     def version() -> str:
-        return '4.0.1'
+        return '4.0.2-dev'
 
     @staticmethod
     def api_keys() -> dict:
@@ -40,6 +40,10 @@ def bing_key() -> str:
     def censys_key() -> tuple:
         return Core.api_keys()['censys']['id'], Core.api_keys()['censys']['secret']
 
+    @staticmethod
+    def fullhunt_key() -> str:
+        return Core.api_keys()['fullhunt']['key']
+
     @staticmethod
     def github_key() -> str:
         return Core.api_keys()['github']['key']
@@ -124,6 +128,7 @@ def get_supportedengines() -> Set[Union[str, Any]]:
                             'crtsh',
                             'dnsdumpster',
                             'duckduckgo',
+                            'fullhunt',
                             'github-code',
                             'google',
                             'hackertarget',
-Original file line number
+Diff line change
@@ Expand Up / @@ -9,6 +9,9 @@ apikeys: @@
         id:
         secret:
+      fullhunt:
+        key:
       github:
         key:
@@ Expand Down @@