HostHunter is a recon tool for discovering hostnames using OSINT techniques.
HostHunter v1.5 is a tool to efficiently discover and extract hostnames over a large set of target IP addresses. It utilises simple OSINT techniques. It generates a CSV file containing the results of the reconnaissance.
Taking screenshots was also added as a beta functionality.
Currently GitLab’s markup language does not support HTML or CSS control over the images, thus the following link thumbnail is huge.
Also Read : KDE Applications 19.04 Release
Tested with Python 3.7.2.
Use wget command to download a latest Google Chrome debian package.
$ wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
$ dpkg -i ./google-chrome-stable_current_amd64.deb
$ sudo apt-get install -f
Install python dependencies.
$ pip install -r requirements.txt
Simple Usage Example :
$ python3 hosthunter.py <targets.txt>
$ cat vhosts.csv
HostHunter Help Page
$ python3 hosthunter.py -h
usage: hosthunter.py [-h] [-V] [-f FORMAT] [-o OUTPUT] [-b] [-sc] targets
|<— HostHunter v1.5 – Help Page —>|
targets Sets the path of the target IPs file.
-h, –help show this help message and exit
-V, –version Displays the currenct version.
-f FORMAT, –format FORMAT
Choose between CSV and TXT output file formats.
-o OUTPUT, –output OUTPUT
Sets the path of the output file.
-b, –bing Use Bing.com search engine to discover more hostnames
associated with the target IP addreses.
Capture a screen shot of any associated Web
Run HostHunter with Bing and Screen Captures modules enabled
$ python3 hosthunter.py –bing -sc -f csv -o hosts.csv
$ cat hosts.csv
$ open ./screen_captures/
- Works with Python3
- Scraps Bing.com results
- Supports .txt and .csv output file formats
- Validates target IPv4 addresses
- Takes Screenshots of the targets
- Extracts hostnames from SSL certificates
- Utilises Hacker Target API
Credits: Andreas Georgiou