-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathoif
62 lines (51 loc) · 2.73 KB
/
oif
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#!/bin/bash
while getopts "d:c:s:h:z:" opt; do
case $opt in
d)
domain=$OPTARG
;;
censys)
CENSYS_API_ID_CENSYS_API_SECRET=$OPTARG
;;
securitytrails)
SECURITYTRAILS_API=$OPTARG
;;
hunter)
HUNTER_API=$OPTARG
;;
zoomeye)
ZOOMEYE_API=$OPTARG
;;
\?)
echo "Invalid option: -$OPTARG" >&2
exit 1
;;
:)
echo "Option -$OPTARG requires an argument." >&2
exit 1
;;
esac
done
if [[ -z $domain ]]
then
echo "Usage: oif -d domain.com"
exit 1
fi
echo -e "\033[96mDomain Info:\033[0m"
echo $domain | httpx -duc -silent -sc -cl -title
echo -e "\n\033[96mOrigin IPs Info:\033[0m"
dig=$(dig @1.1.1.1 $domain A +short)
shodan=$(shodan search ssl:$domain --fields ip_str,port --separator ":" | sed 's/:$//' | sed 's/:\(80\|443\)$//')
censys=$(curl -s -g -X 'GET' "https://search.censys.io/api/v2/hosts/search?per_page=25&virtual_hosts=EXCLUDE&q=$domain" -H 'Accept: application/json' --user "$CENSYS_API_ID_CENSYS_API_SECRET" | jq -r '.result.hits[] | (.ip + ":" + (.services[] | .port | tostring))' | sed 's/:\(80\|443\)$//')
securitytrails=$(curl -s --request GET --url "https://api.securitytrails.com/v1/history/$domain/dns/a" --header "apikey: $SECURITYTRAILS_API" | jq -r '.records[].values[].ip')
viewdns=$(curl -s "https://viewdns.info/iphistory/?domain=$domain" -H 'referer: https://viewdns.info/iphistory/?domain=rix4uni.com' -H 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36' | grep -oP '(?<=<td>)(\d{1,3}\.){3}\d{1,3}(?=</td>)')
hunterqbase64=$(echo -n "cert.subject=\"$domain\"" | base64)
end_time=$(date +%Y-%m-%d)
start_time=$(date -d "$end_time - 31 days" +%Y-%m-%d)
hunter=$(curl -s -k -X GET "https://api.hunter.how/search?api-key=$HUNTER_API&query=$hunterqbase64&page=1&page_size=10&start_time=$start_time&end_time=$end_time" | jq -r '.data.list[] | "\(.ip):\(.port)"' | sed 's/:\(80\|443\)$//')
fofaqbase64=$(echo -n "cert.subject.cn=\"$domain\"" | base64)
fofa=$(curl -s "https://en.fofa.info/result?qbase64=$fofaqbase64&page=1&page_size=10" | grep -oP '(?<=</p><p><a href="/result\?qbase64=)[^"]+(?=" class)' | base64 --decode | grep -oP '(?<=ip=")[^"]+')
zoomeye=$(curl -s -H "API-KEY: $ZOOMEYE_API" "https://api.zoomeye.hk/web/search?query=site:"$domain"&page=1" | jq -r '.matches[].ip[]')
zoomeye_without_api=$(curl -s "https://www.zoomeye.hk/api/search?q=site:"$domain"&page=1&t=v4+v6+web" | jq -r '.matches[].ip[]')
echo $dig $shodan $censys $securitytrails $viewdns $hunter $fofa $zoomeye $zoomeye_without_api | tr ' ' '\n' | sort -u | httpx -duc -silent -sc -cl -title
echo -e "\n\033[91mNOTE: Check Same Content Length and Same Title that's Your Origin IPs:\033[0m"