Sudomy-v1.2.0#dev - Update Engine & Version

.github/workflows/dockerimage.yml

@@ -5,7 +5,7 @@ on:
     branches: master
 
 env:
-  VERSION: v1.1.9-dev
+  VERSION: v1.2.0-dev
 
 jobs:
     build:

CHANGELOG.md

@@ -108,3 +108,15 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/)
 ## [1.1.9] - 2020-10-13
  - Update
         - Added Feature Sending notifications to a slack channel 
+
+## [1.2.0] - 2020=12-14
+ - Update
+	- Fixed and update regular expresion shodan to crawling subdomain
+	- Added Engine/Resources
+              - DNSDB - OK
+              - Spyse - Ok
+              - RiskIQ/PassiveTotal - Ok
+              - Facebook Cert Transparency - Ok
+	- Remove Entrust Sources (Not accessible) anymore
+	- Findsubdomains replace to Spyse
+

engine/Censys.my

@@ -14,7 +14,7 @@ CENSYS(){
 local _CENSYS="lib/censys/censys_subdomain_finder.py"
   if [[ ! -z "$CENSYS_API" ]] && [[ ! -z "$CENSYS_SECRET" ]] ;then
     echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Censys${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
-      MAKEFILE=$(python ${_CENSYS} --censys-api-id ${CENSYS_API} --censys-api-secret ${CENSYS_SECRET} ${DOMAIN}> ${OUT_CENSYS})
+      MAKEFILE=$(python3 ${_CENSYS} --censys-api-id ${CENSYS_API} --censys-api-secret ${CENSYS_SECRET} ${DOMAIN}> ${OUT_CENSYS})
   else
     echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Censys${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
   fi

engine/DNSDB.my

@@ -0,0 +1,25 @@
+#-Metadata----------------------------------------------------#
+#  Filename: Sudomy - Subdomain Enumeration & Analysis        #
+#-Author(s)---------------------------------------------------#
+#  Edo maland ~ @screetsec                                    #
+#-Info--------------------------------------------------------#
+#  This file is part of Sudomy project                        #
+#  Engine DNSDB  : Update = 2020-05-08                        #
+#-Licence-----------------------------------------------------#
+#  MIT License ~ http://opensource.org/licenses/MIT           #
+#-------------------------------------------------------------#
+
+DNSDB(){
+## Using API Key
+
+#local URL_DNSDB="https://api.dnsdb.info/" ## Using API DNSDB
+  if [[ ! -z "${DNSDB_API}" ]];then
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}DNSDB${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
+      MAKEFILE=$(curl -gs -H "Accept: application/json" -H "X-API-Key: ${DNSDB_API}" "https://api.dnsdb.info/lookup/rrset/name/*.${DOMAIN}?limit=1000000000" | jq --raw-output -r .rrname? | sed -e 's/\.$//' | sort -u  > ${OUT_DNSDB})
+      #for i in $(cat ${TMP_SHODAN});do echo ${i}.${DOMAIN} >> ${OUT_SHODAN}; done ; rm -r ${TMP_SHODAN}
+  else
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}DNSDB${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
+
+  fi
+}
+

engine/Entrust.my

@@ -9,14 +9,14 @@
 #  MIT License ~ http://opensource.org/licenses/MIT           #
 #-------------------------------------------------------------#
 
-ENTRUST(){
-local URL_ENTRUST="https://ctsearch.entrust.com/api/v1/certificates?fields=subjectDN&domain="
+#ENTRUST(){
+#local URL_ENTRUST="https://ctsearch.entrust.com/api/v1/certificates?fields=subjectDN&domain="
   #echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Entrust${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
-	local STATUS_ENTRUST=$(curl --write-out %{http_code} --silent --output /dev/null "https://ctsearch.entrust.com/api/v1/certificates?fields=subjectDN&domain=${DOMAIN}")
-		 if [[ ${STATUS_ENTRUST} == 403 ]]; then
-			echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Entrust${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
-		 else
-
-  			curl --silent --request GET --url "${URL_ENTRUST}${DOMAIN}&includeExpired=false&exactMatch=false&limit=5000" | jq --raw-output -r '.[].subjectDN' | sed 's/,.*//' | sed 's/\*\.//g' |  sed 's/cn=//g' | sort -u > ${OUT_ENTRUST}
-		 fi
+#	local STATUS_ENTRUST=$(curl --write-out %{http_code} --silent --output /dev/null "https://ctsearch.entrust.com/api/v1/certificates?fields=subjectDN&domain=${DOMAIN}")
+#		 if [[ ${STATUS_ENTRUST} == 403 ]]; then
+#			echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Entrust${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
+#		 else
+#			
+#  			curl --silent --request GET --url "${URL_ENTRUST}${DOMAIN}&includeExpired=false&exactMatch=false&limit=5000" | jq --raw-output -r '.[].subjectDN' | sed 's/,.*//' | sed 's/\*\.//g' |  sed 's/cn=//g' | sort -u > ${OUT_ENTRUST}
+#		 fi
 }

engine/FBCert.my

@@ -0,0 +1,24 @@
+#-Metadata----------------------------------------------------#
+#  Filename: Sudomy - Subdomain Enumeration & Analysis        #
+#-Author(s)---------------------------------------------------#
+#  Edo maland ~ @screetsec                                    #
+#-Info--------------------------------------------------------#
+#  This file is part of Sudomy project                        #
+#  Engine FB Cert  : Update = 2020-12-14                      #
+#-Licence-----------------------------------------------------#
+#  MIT License ~ http://opensource.org/licenses/MIT           #
+#-------------------------------------------------------------#
+
+FBCERT(){
+## Using API Key
+
+local URL_FB="https://graph.facebook.com/certificates" ## Using API 
+  if [[ ! -z "${FACEBOOK_TOKEN}" ]];then
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}FBcert${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
+      MAKEFILE=$(curl -s -X GET "${URL_FB}?query=${DOMAIN}&fields=domains&limit=10000&access_token=${FACEBOOK_TOKEN}" | jq --raw-output -r .data[].domains[]?  | grep ${DOMAIN}  | sed 's/\*\.//g' | sort -u  > ${OUT_FBCERT})
+  else
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}FBcert${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
+
+  fi
+}
+

engine/RiskIQ.my

@@ -0,0 +1,24 @@
+#-Metadata----------------------------------------------------#
+#  Filename: Sudomy - Subdomain Enumeration & Analysis        #
+#-Author(s)---------------------------------------------------#
+#  Edo maland ~ @screetsec                                    #
+#-Info--------------------------------------------------------#
+#  This file is part of Sudomy project                        #
+#  Engine RISKIQ : Update = 2020-12-14                        #
+#-Licence-----------------------------------------------------#
+#  MIT License ~ http://opensource.org/licenses/MIT           #
+#-------------------------------------------------------------#
+
+RISKIQ(){
+## Using API Key
+
+local URL_RISKIQ="https://api.passivetotal.org/v2/enrichment/subdomains" ## Using API
+  if [[ ! -z "${PASSIVE_API}" ]];then
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}RiskIQ${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
+      MAKEFILE=$(curl --silent -u "${PASSIVE_API}" "${URL_RISKIQ}?query=${DOMAIN}" | jq --raw-output -r .subdomains[]? | sort -u  > ${TMP_RISKIQ})
+      for i in $(cat ${TMP_RISKIQ});do echo ${i}.${DOMAIN} >> ${OUT_RISKIQ}; done ; rm -r ${TMP_RISKIQ}
+  else
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}RiskIQ${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
+
+  fi
+}

engine/Shodan.my

@@ -11,10 +11,12 @@
 
 SHODAN(){
 ## Using API Key
-local URL_SHODAN="https://api.shodan.io/shodan/host/search?key=" ## Using API Shodan
+
+#local URL_SHODAN="https://api.shodan.io/shodan/host/search?key=" ## Using API Shodan
   if [[ ! -z "$SHODAN_API" ]];then
     echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Shodan${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
-      MAKEFILE=$(curl --silent --request GET --url "${URL_SHODAN}${SHODAN_API}&query=hostname:${DOMAIN}" | jq --raw-output -r '.matches[] |.hostnames[]' | sort -u > ${OUT_SHODAN})
+      MAKEFILE=$(curl --silent --request GET --url "https://api.shodan.io/dns/domain/${DOMAIN}?key=${SHODAN_API}" | jq --raw-output -r .subdomains[]? | egrep -iv "_dmarc"  > ${TMP_SHODAN})
+      for i in $(cat ${TMP_SHODAN});do echo ${i}.${DOMAIN} >> ${OUT_SHODAN}; done ; rm -r ${TMP_SHODAN}
   else
     echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Shodan${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
 

engine/Spyse.my

@@ -0,0 +1,25 @@
+#-Metadata----------------------------------------------------#
+#  Filename: Sudomy - Subdomain Enumeration & Analysis        #
+#-Author(s)---------------------------------------------------#
+#  Edo maland ~ @screetsec                                    #
+#-Info--------------------------------------------------------#
+#  This file is part of Sudomy project                        #
+#  Engine Spyse  : Update = 2020-12-14                        #
+#-Licence-----------------------------------------------------#
+#  MIT License ~ http://opensource.org/licenses/MIT           #
+#-------------------------------------------------------------#
+
+SPYSE(){
+## Using API Key
+
+local URL_SPYSE="https://api.spyse.com/v3/data/domain/subdomain" ## Using API 
+  if [[ ! -z "${SPYSE_API}" ]];then
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Spyse${RESET}${DPADDING}\t\t[${GREEN} ✔ ${RESET}]"
+      MAKEFILE=$(curl -s -X GET "${URL_SPYSE}?domain=${DOMAIN}&limit=100" -H  "accept: application/json" -H  "Authorization: Bearer ${SPYSE_API}" |  jq --raw-output -r '.data.items[].name?' | sort -u  > ${OUT_SPYSE})
+      #for i in $(cat ${TMP_SHODAN});do echo ${i}.${DOMAIN} >> ${OUT_SHODAN}; done ; rm -r ${TMP_SHODAN}
+  else
+    echo -e  "${PADDING}${YELLOW}${PADDING}⍥${PADDING}${RESET}Spyse${RESET}${DPADDING}\t\t[${RED} ✕ ${RESET}]"
+
+  fi
+}
+

lib/censys/censys_subdomain_finder.py

@@ -38,7 +38,7 @@ def filter_subdomains(domain, subdomains):
 
 # Prints the list of found subdomains to stdout
 def print_subdomains(domain, subdomains, time_ellapsed):
-    if len(subdomains) is 0:
+    if len(subdomains) == 0:
         print('[-] Did not find any subdomain')
         return
 
@@ -49,7 +49,7 @@ def print_subdomains(domain, subdomains, time_ellapsed):
 
 # Saves the list of found subdomains to an output file
 def save_subdomains_to_file(subdomains, output_file):
-    if output_file is None or len(subdomains) is 0:
+    if output_file is None or len(subdomains) == 0:
         return
 
     try: