Spyse is a developer of complete DAAS (Data-As-A-Service) solutions for Internet security professionals, corporate and remote system administrators, SSL / TLS encryption certificate providers, data centers and business analysts. All Spyse online solutions are represented by thematic services that have a single platform for collecting, processing and aggregating information.

Supports the following APIs:

Python API wrapper and command-line client for the tools hosted on spyse.com.

Also Read – PivotSuite : Network Pivoting Toolkit To Hack The Hidden Network


pip3 install spyse.py

Using the client

Required Arguments

  • -target
  • -param

Optional Arguments

  • -page
  • -apikey
  • --raw

What is the param argument?

It allows you to search their database for IPs, IP ranges, domain names, URLs, etc. The parameter argument is meant to specify the type of your input.

List of parameters

  • cidr
  • domain
  • ip
  • page
  • url
  • hash
  • q

Using search queries

Much like Shodan, it allows you to use search queries. To do this, you must supply the “q” parameter. From there, it’s as simple as supplying “org: Microsoft” as the target.

spyse -target “org: Microsoft” -param q –ssl-certificates

Searching for subdomains

spyse -target xbox.com -param domain –subdomains

Reverse IP Lookup

spyse -target -param ip –domains-on-ip

Searching for SSL certificates

spyse -target hotmail.com -param domain –ssl-certificates

spyse -target “org: Microsoft” -param q –ssl-certificates

Getting all DNS records

spyse -target xbox.com -param domain –dns-all

Navigating multiple pages using your API key

export SPYSEKEY=”yourkeyhere”
spyse -target xbox.com -param domain -apikey $SPYSEKEY -page 2 —ssl-certificates

Piping to jq and aquatone

Initially when I decided to write this client I really wanted it to focus on flexibility within the command-line, which is why there is the --raw option. From there you can work with the raw JSON returned by the API.

spyse -target hackerone.com -param domain –dns-soa –raw | jq

spyse -target hackerone.com -param domain –subdomains –raw | aquatone

Using the library

Without API Key

from spyse import spyse

s = spyse()
subdomains = s.subdomains(“xbox.com”, param=”domain”)

With API Key

from spyse import spyse

#Using the API key allows us to go through multiple pages of results
s = spyse(‘API_TOKEN_GOES_HERE’)
subdomains = s.subdomains_aggregate(“xbox.com”, param=”domain”, page=2)

Search using CIDR

from spyse import spyse

s = spyse()
results = s.domains_on_ip(“″, param=”cidr”)

Work with an existing file

from spyse import spyse

s = spyse()
results = []

with open(“domains.txt”) as d:
for line in d:
# default value for param=”domain”, so we don’t
# need to specify here
r = s.subdomains_aggregate(line)