crash.software
Projects
Pull Requests
Issues
Builds
opensquat
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY opensquat Commits a2f82828
🤬
  • ■ ■ ■ ■ ■
    CHANGELOG
     1 +v1.97 (2020-10-18)
     2 ++ Domains can be verified is they are blacklisted to any VirusTotal engine
     3 ++ You can now filter results usign different args
     4 ++ minor change, the number of domains showing with the thousand comma
     5 + 
    1 6  v1.96 (2020-10-11)
    2 7  + Bandwidth saving - only download the latest feeds if it has changed
    3 8  + added generic.txt containing generic keywords used for phishing
    skipped 64 lines
  • ■ ■ ■ ■
    opensquat/__init__.py
    1 1  # -*- coding: utf-8 -*-
    2 2  # Module: __init__.py
    3 3  """openSquat Version."""
    4  -__VERSION__ = "1.96"
     4 +__VERSION__ = "1.97"
    5 5   
  • ■ ■ ■ ■
    opensquat/app.py
    skipped 294 lines
    295 295   """
    296 296   print("[*] keywords:", self.keywords_filename)
    297 297   print("[*] keywords total:", self.keywords_total)
    298  - print("[*] Total domains:", self.domain_total)
     298 + print("[*] Total domains:", f"{self.domain_total:,}")
    299 299   print("[*] Threshold:", self.confidence[self.confidence_level])
    300 300   
    301 301   def worker(self):
    skipped 297 lines
  • ■ ■ ■ ■ ■
    opensquat/arg_parser.py
    skipped 167 lines
    168 168   action="store_true",
    169 169   help="Verify is port 80/443 is open",
    170 170   )
     171 + parser.add_argument(
     172 + "--vt",
     173 + action="store_true",
     174 + help="validate against VirusTotal",
     175 + )
    171 176   
    172 177   args = parser.parse_args()
    173 178   
    skipped 2 lines
  • ■ ■ ■ ■ ■
    opensquat/vt.py
    skipped 11 lines
    12 12  """
    13 13  import requests
    14 14  import json
     15 +import time
    15 16   
    16 17   
    17 18  class VirusTotal:
    skipped 2 lines
    20 21   self.domain = ""
    21 22   self.subdomains = []
    22 23   self.URL = ""
     24 + self.content = ""
     25 + self.op = ""
    23 26   
    24 27   def set_domain(self, domain):
    25 28   self.domain = domain
    26 29   
    27  - def check_subdomain(self):
     30 + def set_operation(self, op):
     31 + self.op = op
    28 32   
    29  - self.URL = "https://www.virustotal.com/ui/domains/" + self.domain \
    30  - + "/subdomains"
     33 + def get_content(self):
     34 + 
     35 + if self.op == "subdomains":
     36 + self.URL = "https://www.virustotal.com/ui/domains/" + self.domain \
     37 + + "/subdomains"
     38 + else:
     39 + self.URL = "https://www.virustotal.com/ui/domains/" + self.domain
    31 40   
    32 41   # User-Agent Headers
    33 42   headers = {
    skipped 2 lines
    36 45   "Chrome/78.0.3904.108 Safari/537.36"
    37 46   }
    38 47   
     48 + # Get response content
    39 49   response = requests.get(self.URL, stream=True, headers=headers)
    40 50   content = json.loads(response.content)
     51 + 
     52 + self.content = content
     53 + 
     54 + def get_subdomains(self):
    41 55   
    42 56   try:
    43  - if "error" in content:
     57 + if "error" in self.content:
    44 58   print(" \_ VirusTotal might be throttling/blocking")
    45 59   return False
    46  - elif content.get('data'):
    47  - for item in content['data']:
     60 + elif self.content.get('data'):
     61 + for item in self.content['data']:
    48 62   if item['type'] == 'domain':
    49 63   subdomain = item['id']
    50 64   self.subdomains.append(subdomain)
    skipped 5 lines
    56 70   else:
    57 71   return False
    58 72   
    59  - def main(self, domain):
     73 + def get_malicious(self):
     74 + 
     75 + try:
     76 + malicious = (
     77 + self.content
     78 + ['attributes']
     79 + ['last_analysis_stats']
     80 + ['malicious']
     81 + )
     82 + except KeyError:
     83 + return -1
     84 + 
     85 + return malicious
     86 + 
     87 + def main(self, domain, op):
    60 88   self.set_domain(domain)
    61  - subdomains = self.check_subdomain()
     89 + self.set_operation(op)
     90 + self.get_content()
    62 91   
    63  - if subdomains:
    64  - return subdomains
     92 + if (op == "subdomains"):
     93 + return self.get_subdomains()
    65 94   else:
    66  - return False
     95 + return self.get_malicious()
    67 96   
  • ■ ■ ■ ■ ■
    opensquat.py
    skipped 73 lines
    74 74   args.ct
    75 75   )
    76 76   
     77 + if args.subdomains or args.vt or args.subdomains or args.phishing \
     78 + or args.portscheck:
     79 + print("[*] Total found:", len(file_content))
     80 + 
    77 81   # Check for subdomains
    78 82   if (args.subdomains):
     83 + list_aux = []
    79 84   print("\n+---------- Checking for Subdomains ----------+")
    80 85   time.sleep(1)
    81 86   for domain in file_content:
    82 87   print("[*]", domain)
    83  - subdomains = vt.VirusTotal().main(domain)
     88 + subdomains = vt.VirusTotal().main(domain, "subdomains")
    84 89   
    85 90   if subdomains:
    86 91   for subdomain in subdomains:
    skipped 2 lines
    89 94   " \_", subdomain +
    90 95   Style.RESET_ALL,
    91 96   )
     97 + list_aux.append(subdomain)
     98 + file_content = list_aux
     99 + print("[*] Total found:", len(file_content))
     100 + 
     101 + # Check for VirusTotal
     102 + if (args.vt):
     103 + list_aux = []
     104 + print("\n+---------- VirusTotal ----------+")
     105 + time.sleep(1)
     106 + for domain in file_content:
     107 + malicious = vt.VirusTotal().main(domain, "malicious")
     108 + 
     109 + if malicious > 0:
     110 + print(
     111 + Style.BRIGHT + Fore.RED +
     112 + "[*] found:", domain, "({})".format(str(malicious)) +
     113 + Style.RESET_ALL,
     114 + )
     115 + list_aux.append(domain)
     116 + elif malicious < 0:
     117 + print(
     118 + Style.BRIGHT + Fore.YELLOW +
     119 + "[*] VT is throttling the response:", domain +
     120 + Style.RESET_ALL,
     121 + )
     122 + file_content = list_aux
     123 + print("[*] Total found:", len(file_content))
    92 124   
    93 125   # Check for phishing
    94 126   if (args.phishing != ""):
    95 127   file_phishing = phishing.Phishing().main(args.keywords)
    96 128   output.SaveFile().main(args.phishing, "txt", file_phishing)
    97 129   
     130 + # Check if domain has webserver port opened
    98 131   if (args.portcheck):
    99  - file_content_ports = []
     132 + list_aux = []
    100 133   print("\n+---------- Domains with open webserver ports ----------+")
    101 134   time.sleep(1)
    102 135   
    skipped 1 lines
    104 137   ports = port_check.PortCheck().main(domain)
    105 138   
    106 139   if ports:
    107  - file_content_ports.append(domain)
     140 + list_aux.append(domain)
    108 141   print(
    109 142   Fore.YELLOW +
    110 143   "[*]", domain, ports, "" +
    111 144   Style.RESET_ALL,
    112 145   )
    113  - 
    114  - file_content = file_content_ports
     146 + file_content = list_aux
     147 + print("[*] Total found:", len(file_content))
    115 148   
    116 149   output.SaveFile().main(args.output, args.type, file_content)
    117 150   end_time_squatting = round(time.time() - start_time_squatting, 2)
    skipped 20 lines
Please wait...
Page is in error, reload to recover