HostHunter : To Discover Hostnames Using OSINT

HostHunter is a recon tool for discovering hostnames using OSINT techniques.

HostHunter v1.5 is a tool to efficiently discover and extract hostnames over a large set of target IP addresses. It utilises simple OSINT techniques. It generates a CSV file containing the results of the reconnaissance.

Taking screenshots was also added as a beta functionality.

Demo

Currently GitLab’s markup language does not support HTML or CSS control over the images, thus the following link thumbnail is huge.

Also Read : KDE Applications 19.04 Release

Installation

Tested with Python 3.7.2.

Linux

Use wget command to download a latest Google Chrome debian package.

$ wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

$ dpkg -i ./google-chrome-stable_current_amd64.deb

$ sudo apt-get install -f

Install python dependencies.

$ pip install -r requirements.txt

Simple Usage Example :

$ python3 hosthunter.py <targets.txt>

$ cat vhosts.csv

More Examples

HostHunter Help Page

$ python3 hosthunter.py -h
usage: hosthunter.py [-h] [-V] [-f FORMAT] [-o OUTPUT] [-b] [-sc] targets
|<— HostHunter v1.5 – Help Page —>|
positional arguments:
targets Sets the path of the target IPs file.
optional arguments:
-h, –help show this help message and exit
-V, –version Displays the currenct version.
-f FORMAT, –format FORMAT
Choose between CSV and TXT output file formats.
-o OUTPUT, –output OUTPUT
Sets the path of the output file.
-b, –bing Use Bing.com search engine to discover more hostnames
associated with the target IP addreses.
-sc, –screen-capture
Capture a screen shot of any associated Web
Applications.

Run HostHunter with Bing and Screen Captures modules enabled

$ python3 hosthunter.py –bing -sc -f csv -o hosts.csv

Display Results

$ cat hosts.csv

View Screenshots

$ open ./screen_captures/

Features

Works with Python3
Scraps Bing.com results
Supports .txt and .csv output file formats
Validates target IPv4 addresses
Takes Screenshots of the targets
Extracts hostnames from SSL certificates
Utilises Hacker Target API

Credits: Andreas Georgiou

Related

Termshark : A Terminal UI For Tshark

May 7, 2019

In "Kali Linux"

Kali Linux 2021.3 Released for NetHunter Smartwatch and With New Hacking Tools

September 15, 2021

In "Kali Linux"

Bing-IP2Hosts : A Bing.com Web Scraper That Discovers Websites By IP Address

June 16, 2020

In "Kali Linux"

R K

Next Twint : Twitter Intelligence Tool »

Previous « Adidnsdump : Active Directory Integrated DNS Dump Tool

Share

Published by

R K

Tags: HostHunterHostnamesOSINT

6 years ago

Recent Posts

OSINT

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

1 week ago

Linux

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

1 week ago

Linux

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

1 week ago

Linux

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

1 week ago

Linux

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

1 week ago

Linux

Command-Line Techniques for Listing Linux Users

Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…

2 weeks ago

L