HostHunter : To Discover Hostnames Using OSINT

HostHunter is a recon tool for discovering hostnames using OSINT techniques.

HostHunter v1.5 is a tool to efficiently discover and extract hostnames over a large set of target IP addresses. It utilises simple OSINT techniques. It generates a CSV file containing the results of the reconnaissance.

Taking screenshots was also added as a beta functionality.

Demo

Currently GitLab’s markup language does not support HTML or CSS control over the images, thus the following link thumbnail is huge.

Also Read : KDE Applications 19.04 Release

Installation

Tested with Python 3.7.2.

Linux

Use wget command to download a latest Google Chrome debian package.

$ wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

$ dpkg -i ./google-chrome-stable_current_amd64.deb

$ sudo apt-get install -f

Install python dependencies.

$ pip install -r requirements.txt

Simple Usage Example :

$ python3 hosthunter.py <targets.txt>

$ cat vhosts.csv

More Examples

HostHunter Help Page

$ python3 hosthunter.py -h
usage: hosthunter.py [-h] [-V] [-f FORMAT] [-o OUTPUT] [-b] [-sc] targets
|<— HostHunter v1.5 – Help Page —>|
positional arguments:
targets Sets the path of the target IPs file.
optional arguments:
-h, –help show this help message and exit
-V, –version Displays the currenct version.
-f FORMAT, –format FORMAT
Choose between CSV and TXT output file formats.
-o OUTPUT, –output OUTPUT
Sets the path of the output file.
-b, –bing Use Bing.com search engine to discover more hostnames
associated with the target IP addreses.
-sc, –screen-capture
Capture a screen shot of any associated Web
Applications.

Run HostHunter with Bing and Screen Captures modules enabled

$ python3 hosthunter.py –bing -sc -f csv -o hosts.csv

Display Results

$ cat hosts.csv

View Screenshots

$ open ./screen_captures/

Features

Works with Python3
Scraps Bing.com results
Supports .txt and .csv output file formats
Validates target IPv4 addresses
Takes Screenshots of the targets
Extracts hostnames from SSL certificates
Utilises Hacker Target API

Credits: Andreas Georgiou

Related

Bing-IP2Hosts : A Bing.com Web Scraper That Discovers Websites By IP Address

June 16, 2020

In "Kali Linux"

Kali Linux 2021.3 Released for NetHunter Smartwatch and With New Hacking Tools

September 15, 2021

In "Kali Linux"

Termshark : A Terminal UI For Tshark

May 7, 2019

In "Kali Linux"

R K

Next Twint : Twitter Intelligence Tool »

Previous « Adidnsdump : Active Directory Integrated DNS Dump Tool

Share

Published by

R K

Tags: HostHunterHostnamesOSINT

7 years ago

Recent Posts

How To

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

23 hours ago

How To

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

1 day ago

How To

How To Debug Bash Scripts Using bash -x And set Commands

Introduction Debugging is an important part of Bash scripting. When a script does not work…

1 day ago

How To

How To Use Cron Jobs With Bash Scripts For Automation

Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…

1 day ago

How To

How To Use Pipes In Bash Scripts For Command Chaining

Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…

1 day ago

How To

How To Use grep, awk, And sed In Bash Scripts

Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…

1 day ago

L